[Tutor] extracting a cPickle/pickle file from inside a zip file
Danny Yoo
dyoo at hashcollision.org
Fri Aug 29 23:54:40 CEST 2014
Hi Dillup,
One other comment other than the zipfile stuff: you might want to
consider something other than pickle format if you want
interchangeability with other tools. JSON, for example, is pretty
well-supported in the json library:
https://docs.python.org/2/library/json.html
and it has an interface similar to that of pickle, so it's easy to switch to it.
I recommend this instead of pickle, unless your situation favors
pickle. JSON has a looser coupling to Python, and more importantly,
fewer security concerns. Pickle can do some very dynamic stuff,
including eval-like behavior, which can be a worry. See:
http://stackoverflow.com/questions/10282175/attacking-pythons-pickle
for example.
If you're trying to represent dictionaries of string keys and values,
that's something that JSON can handle very well.
More information about the Tutor
mailing list