is there a safe marshaler?

[Paul Rubin]

"guido at python.org" <gvanrossum at gmail.com> writes:
> > Pickle and marshal are not safe. They can do harmful things if fed
> > maliciously constructed data.  That is a pity, because marshal is fast.
> 
> I think marshal could be fixed; the only unsafety I'm aware of is that
> it doesn't always act rationally when confronted with incorrect input
> like bad type codes or truncated input. It only receives instances of
> the built-in types and it never executes user code as a result of
> unmarshalling.

There's another issue with marshal that makes it unsuitable for Pyro,
which is that its data format is (for legitimate reasons) not
guaranteed to be the same across different Python releases.  That
means that if the two ends of the Pyro application aren't using the
same Python version, they might not be able to interoperate.

I don't remember if marshal strings contain a version number.  If they
do, then the non-interoperating versions can notice the
incompatibility and raise an appropriate error.  If they don't, then
undefined behavior and possible security holes could result, unless
Pyro takes special measures to notice the possibility.

See SF bugs #467384 and #471893 for some further discussion.