9th September 2009 - Link Blog
Why Python Pickle is Insecure. Because pickle is essentially a stack-based interpreter, so you can put os.system on the stack and use it to execute arbitrary commands.
Recent articles
- The new GPT-5.6 family: Luna, Terra, Sol - 9th July 2026
- sqlite-utils 4.0, now with database schema migrations - 7th July 2026
- sqlite-utils 4.0rc2, mostly written by Claude Fable (for about $149.25) - 5th July 2026