Threads vs Processes
bryanjugglercryptographer at yahoo.com
bryanjugglercryptographer at yahoo.com
Thu Jul 27 15:06:27 EDT 2006
Carl J. Van Arsdall wrote:
[...]
> I actually do use pickle (not for this, but for other things), could you
> elaborate on the safety issue?
>From http://docs.python.org/lib/node63.html :
Warning: The pickle module is not intended to be secure
against erroneous or maliciously constructed data. Never
unpickle data received from an untrusted or unauthenticated
source.
A corrupted pickle can crash Python. An evil pickle could probably
hijack your process.
--
--Bryan
More information about the Python-list
mailing list