Securing 'pickle'

Paul Rubin
Thu Jul 10 22:12:36 EDT 2003


Erik Max Francis <max at alcyone.com> writes:
> > Because now you need a mechanism to store the session info on the
> > server, and you might want it to work across multiple load-balanced
> > servers that fail over to one another, etc.
> 
> That's far superior to presenting the opportunity for exploits in the
> first place, in my opinion.  Depending on the contents of that cookie,
> what you suggest may not be a problem at all (depending on how critical
> the data contained therein is).

I'm not sure what you're saying here.  My suggestion is to
authenticate the cookies with a cryptographic checksum and verify the
authentication before deserializing the cookies.  That's probably the
simplest approach.  Keeping session info on a multi-process server (or
worse, a multi-server network) needs some kind of concurrent storage
mechanism.  I don't see a robust, secure, low-overhead way to do that
with out-of-the-box Python.  Any suggestions?
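The approach Paul sketches above, as an added example that is not code from the original thread: the session dict is pickled, an HMAC over the pickled bytes is appended, and on the way back in the MAC is checked with a constant-time compare before pickle.loads is ever reached. SECRET_KEY, the cookie layout (base64url payload, a dot, base64url MAC), and the helper names are assumptions made for this example. hmac.compare_digest needs Python 3.3 or later.

```python
import base64
import hashlib
import hmac
import pickle

# Constructed server-side secret for this example only. In practice load it
# from configuration; it must never reach the client.
SECRET_KEY = b"example-only-32-byte-secret-key!"


def _mac(payload: bytes) -> bytes:
    # HMAC-SHA256 over the raw pickled bytes. Without the key nobody can
    # produce a valid tag for a modified payload.
    return hmac.new(SECRET_KEY, payload, hashlib.sha256).digest()


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).decode("ascii")


def sign_session(session: dict) -> str:
    """Serialize a session dict and append its MAC: '<payload>.<mac>'."""
    payload = pickle.dumps(session, protocol=pickle.HIGHEST_PROTOCOL)
    return _b64(payload) + "." + _b64(_mac(payload))


def load_session(cookie: str):
    """Verify first, deserialize second.

    Returns the session dict, or None if the cookie is malformed or the MAC
    does not verify. pickle.loads is only called on bytes that carry a valid
    tag, so an attacker-supplied pickle is rejected before it can run.
    """
    try:
        payload_b64, mac_b64 = cookie.split(".", 1)
        payload = base64.urlsafe_b64decode(payload_b64)
        mac = base64.urlsafe_b64decode(mac_b64)
    except (ValueError, TypeError):
        # Missing separator, bad base64, or wrong padding: reject, never unpickle.
        return None
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(mac, _mac(payload)):
        return None
    return pickle.loads(payload)


def forge_cookie(cookie: str, new_session: dict) -> str:
    """What a client without the key can do: swap the payload, reuse the old MAC.

    Used here only to show that such a cookie fails verification.
    """
    _, mac_b64 = cookie.split(".", 1)
    forged = pickle.dumps(new_session, protocol=pickle.HIGHEST_PROTOCOL)
    return _b64(forged) + "." + mac_b64


if __name__ == "__main__":
    cookie = sign_session({"user": "alice", "role": "user"})
    print("valid  ->", load_session(cookie))
    forged = forge_cookie(cookie, {"user": "alice", "role": "admin"})
    print("forged ->", load_session(forged))
    print("junk   ->", load_session("not-a-cookie"))
```

The MAC gives integrity and authenticity, not confidentiality: the client can still read everything in the cookie, so nothing secret belongs in it. It also does not by itself expire sessions or let the server revoke one; a timestamp inside the signed payload covers the first, while the second is exactly what the server-side store Erik argues for provides. If the key leaks, a forged pickle is again arbitrary code execution on the server, which is why a format that cannot execute code on load is the more forgiving choice when the session is just strings and numbers.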