From: Cecil Westerhof Newsgroups: comp.lang.python Subject: Re: To pickle or not to pickle Organization: Decebal Computing References: <87h9rnz8yy.fsf@Equus.decebal.nl> <554c95df$0$12988$c3e8da3$5496439d@news.astraweb.com> <878uczz3ks.fsf@Equus.decebal.nl> X-Face: "(y8cC@tg_12{">GF'UXTW]FHI2wMiZNrnf'1EFQ&O#$m:f#O7+7}kR,v+Pti8=Vi/Z"g^?b"E X-Homepage: http://www.decebal.nl/ Date: Fri, 08 May 2015 16:34:58 +0200 Message-ID: <87zj5fxhm5.fsf@Equus.decebal.nl> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux) Cancel-Lock: sha1:qKNCA+0wEDH6XskQZC4arLXOIck= MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Lines: 50 NNTP-Posting-Host: 81.207.62.244 X-Trace: 1431096307 news.kpn.nl 25005 81.207.62.244@kpn/81.207.62.244:42183 Path: csiph.com!usenet.pasdenom.info!bete-des-vosges.org!feed.ac-versailles.fr!proxad.net!feeder1-2.proxad.net!137.226.75.22.MISMATCH!newsfeed.fsmpi.rwth-aachen.de!newsfeed.straub-nv.de!newsfeed.pionier.net.pl!feed.xsnews.nl!border03.ams.xsnews.nl!feeder03.ams.xsnews.nl!abp001.ams.xsnews.nl!frontend-F09-14.ams.news.kpn.nl Xref: csiph.com comp.lang.python:90173 Op Friday 8 May 2015 14:53 CEST schreef Chris Angelico: > On Fri, May 8, 2015 at 9:55 PM, Cecil Westerhof wrote: >> Op Friday 8 May 2015 12:54 CEST schreef Steven D'Aprano: >> >>> If your code is only going to be used by yourself, I'd just use >>> pickle. If you are creating an application for others to use, I >>> would spend the extra effort to build in support for at least >>> pickle, JSON and plists, and let the user decide what they prefer. >> >> Well, I put it on GitHub, so I hope it is going to be used by >> others also. ;-) There are other things that are more urgent at the >> moment, but in the future I will implement JSON and plists then. > > But will the pickle files be shared? If not, they're still nice and > private, and fairly safe. The problem comes when, for instance, you > have a client Python program that pickles data and sends it over a > network to a server Python program to be unpickled, because then > someone could craft a malicious pickle and send it to you to eat. If > they're only ever saved locally and re-read, there shouldn't be any > security risk (anyone who could reach in and edit the pickle file > could probably reach in and change the code anyway). I would expect not. But I never know what someone else is going to do. ;-) But in my case there is a Twitter directory with: quotes.txt quotes.pickle tips.txt tips.pickle All four files are normally only accessed by the Python program. When I want to extend the messages I use a text editor to append them. The .txt files contain messages that can be used. And the .pickle files contain the ‘recently’ used messages. When I unpickle quotes.pickle I get: [25, 112, 4, 18, 41, 2, 81, 75, 28, 60, 105, 47, 84, 65, 103, 42, 13, 66, 55, 124, 6, 82, 76, 12, 61, 113, 119, 96, 3, 68, 11, 89, 98, 107, 118, 29, 57, 33, 88, 121, 110, 49, 90, 72, 87, 114, 43, 59, 8, 92] Very simple indeed. -- Cecil Westerhof Senior Software Engineer LinkedIn: http://www.linkedin.com/in/cecilwesterhof