[Tutor] data storage question

Danny Yoo dyoo at hashcollision.org
Tue Aug 2 00:32:46 EDT 2016


One other thing: you might hear another popular approach is to use the
"pickle" module.  I don't think it'd be appropriate for your situation
because it would be overkill for the problem you're describing.  JSON
is safer: if you have to choose between JSON and pickle, use JSON.

---

More curmudgeon-y details: I'm not a fan of pickle because it does way
too much for its own good.  It's tied to Python, as opposed to being a
language-agnostic file format, so no other tools besides Python know
how to parse it well.  Furthermore, it has eval() deeply buried within
it.  That is, it is too powerful for most programmers to use safely.
There are a few links you can read if you're interested as to why
pickle is probably not what you want.

    https://blog.nelhage.com/2011/03/exploiting-pickle/

    https://lincolnloop.com/blog/playing-pickle-security/

    http://www.benfrederickson.com/dont-pickle-your-data/


Just wanted to mention this because it used to be the case where
'pickle' would be a proposed solution to the kind of problem you're
encountering.  With experience, we can say with more certainty that
'pickle' is a sour pick.
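As an added illustration (not part of the message above, and not code from the linked articles): the sketch below shows what "too powerful" means in practice. Loading a pickle can call a function named in the data, whereas JSON only ever yields data. It also shows two defensive checks: listing the call-capable opcodes without loading, and an `Unpickler` subclass that refuses global lookups. The names `Marker`, `active_opcodes`, `DataOnlyUnpickler` and `data_only_loads`, and the sample record, are constructed for this example.

```python
import io
import json
import pickle
import pickletools

# Opcodes that make the unpickler look up a global or call one during load.
ACTIVE_OPCODES = {"GLOBAL", "STACK_GLOBAL", "INST", "OBJ", "NEWOBJ",
                  "NEWOBJ_EX", "REDUCE", "EXT1", "EXT2", "EXT4"}


class Marker:
    """Constructed sample: its pickle tells the loader to call a builtin."""

    def __reduce__(self):
        return (len, ("called",))  # harmless stand-in for any callable


def active_opcodes(data: bytes) -> set:
    """List lookup/call opcodes by parsing the stream, without loading it."""
    return {op.name for op, _arg, _pos in pickletools.genops(data)} & ACTIVE_OPCODES


class DataOnlyUnpickler(pickle.Unpickler):
    """Rejects every global lookup, so only plain containers and scalars load."""

    def find_class(self, module, name):
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def data_only_loads(data: bytes):
    return DataOnlyUnpickler(io.BytesIO(data)).load()


record = {"name": "alice", "scores": [90, 85]}  # constructed sample data
plain_pickle = pickle.dumps(record)
active_pickle = pickle.dumps(Marker())

if __name__ == "__main__":
    print("JSON round trip:", json.loads(json.dumps(record)))
    print("plain pickle opcodes:", active_opcodes(plain_pickle))
    print("Marker pickle opcodes:", sorted(active_opcodes(active_pickle)))
    print("pickle.loads(Marker pickle):", pickle.loads(active_pickle))
    try:
        data_only_loads(active_pickle)
    except pickle.UnpicklingError as exc:
        print("data-only loader:", exc)
```

The `Marker` pickle does not come back as a `Marker` object: the loader calls `len("called")` and returns its result, which is the behaviour a plain data file should never have.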

