Will I be in a pickle?
Ken Seehof
kseehof at neuralintegrator.com
Sun Nov 17 20:58:10 EST 2002
The documentation warns that unpickling from an untrusted socket is dangerous,
and also tells how to use find_global to protect myself. I understand how one
would hack a naked pickle destination.
Can anyone confirm whether or not it is actually safe and secure to use cPickle
if I use find_global to restrict the data to a specific set of a few classes?
Can anyone give an example of a hack against the above scenario?
- Ken
More information about the Python-list
mailing list