Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #90163
| Path | csiph.com!usenet.pasdenom.info!news.redatomik.org!newsfeed.xs4all.nl!newsfeed3a.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <rosuav@gmail.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.020 |
| X-Spam-Evidence | '*H*': 0.96; '*S*': 0.00; ';-)': 0.03; 'subject:not': 0.03; 'json': 0.07; 'cest': 0.09; 'craft': 0.09; 'cc:addr:python- list': 0.11; 'python': 0.11; 'from:addr:rosuav': 0.16; 'from:name:chris angelico': 0.16; 'prefer.': 0.16; 'when,': 0.16; 'wrote:': 0.18; 'not,': 0.20; 'cc:addr:python.org': 0.22; 'creating': 0.23; 'instance,': 0.24; 'sends': 0.24; "shouldn't": 0.24; 'decide': 0.24; 'fairly': 0.24; 'cc:2**0': 0.24; 'least': 0.26; 'header:In-Reply-To:1': 0.27; 'said,': 0.30; 'then.': 0.30; 'message-id:@mail.gmail.com': 0.30; 'code': 0.31; 'pickle': 0.31; 'steven': 0.31; 'file': 0.32; 'probably': 0.32; 'text': 0.33; 'fri,': 0.33; 'plain': 0.33; "i'd": 0.34; 'could': 0.34; 'problem': 0.35; 'something': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'there': 0.35; 'effort': 0.37; 'application': 0.37; 'implement': 0.38; 'server': 0.38; 'files': 0.38; 'pm,': 0.38; 'future': 0.60; 'simple,': 0.60; 'hope': 0.61; 'reach': 0.63; 'more': 0.64; 'worth': 0.66; 'urgent': 0.67; 'risk': 0.72; '2015': 0.84; 'malicious': 0.84; 'safe.': 0.84; 'to:none': 0.92; 'yourself,': 0.95 |
| DKIM-Signature | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:cc :content-type; bh=lpGTkwoBm/gn689ya/9SDr4wPxDbAnfa/2fxlKNBE0Q=; b=TBzhNIrzy5H2zpzB+TjOpvsigwWnGQpKDsMO542fUPFgYd4wsT20b5ZXV/BQNyQ+W3 L/ESL1aton/DlKzPha8mvGuSP/+HatFaQwJc/omH/ndS9KEu29A2dvxbrrEV0PgLntiC f7ao10V5/vF7J2VUoT3jWgqDu+MrdKBiJQk4izmTva11fxzSEPX4IlWELRFb7xopl1m5 gyptOsdjPiAwt56nFhE0GHE2svZ/MRlpg8hZPe3aQKJLTQW+2/IoBvPm3tVF7XP38S9z Sd7HD8I/rRJRcSqIp3CVCB+O0q/WJHlKduCjpHD9FGuc7Bkul/KyAnLhpjf7RUpCwAmo sRlA== |
| MIME-Version | 1.0 |
| X-Received | by 10.42.43.199 with SMTP id y7mr3944683ice.12.1431089613285; Fri, 08 May 2015 05:53:33 -0700 (PDT) |
| In-Reply-To | <878uczz3ks.fsf@Equus.decebal.nl> |
| References | <87h9rnz8yy.fsf@Equus.decebal.nl> <554c95df$0$12988$c3e8da3$5496439d@news.astraweb.com> <878uczz3ks.fsf@Equus.decebal.nl> |
| Date | Fri, 8 May 2015 22:53:33 +1000 |
| Subject | Re: To pickle or not to pickle |
| From | Chris Angelico <rosuav@gmail.com> |
| Cc | "python-list@python.org" <python-list@python.org> |
| Content-Type | text/plain; charset=UTF-8 |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.20+ |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <https://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list/> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <https://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.246.1431089615.12865.python-list@python.org> (permalink) |
| Lines | 25 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1431089615 news.xs4all.nl 2853 [2001:888:2000:d::a6]:57800 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:90163 |
Show key headers only | View raw
On Fri, May 8, 2015 at 9:55 PM, Cecil Westerhof <Cecil@decebal.nl> wrote: > Op Friday 8 May 2015 12:54 CEST schreef Steven D'Aprano: > >> If your code is only going to be used by yourself, I'd just use >> pickle. If you are creating an application for others to use, I >> would spend the extra effort to build in support for at least >> pickle, JSON and plists, and let the user decide what they prefer. > > Well, I put it on GitHub, so I hope it is going to be used by others > also. ;-) There are other things that are more urgent at the moment, > but in the future I will implement JSON and plists then. But will the pickle files be shared? If not, they're still nice and private, and fairly safe. The problem comes when, for instance, you have a client Python program that pickles data and sends it over a network to a server Python program to be unpickled, because then someone could craft a malicious pickle and send it to you to eat. If they're only ever saved locally and re-read, there shouldn't be any security risk (anyone who could reach in and edit the pickle file could probably reach in and change the code anyway). That said, if your needs are sufficiently simple, it may be worth using something plain text just for the debuggability. ChrisA
Back to comp.lang.python | Previous | Next — Previous in thread | Next in thread | Find similar | Unroll thread
To pickle or not to pickle Cecil Westerhof <Cecil@decebal.nl> - 2015-05-08 11:58 +0200
Re: To pickle or not to pickle Peter Otten <__peter__@web.de> - 2015-05-08 12:32 +0200
Re: To pickle or not to pickle Cecil Westerhof <Cecil@decebal.nl> - 2015-05-08 13:51 +0200
Re: To pickle or not to pickle Irmen de Jong <irmen.NOSPAM@xs4all.nl> - 2015-05-08 19:11 +0200
Re: To pickle or not to pickle Steven D'Aprano <steve+comp.lang.python@pearwood.info> - 2015-05-08 20:54 +1000
Re: To pickle or not to pickle Cecil Westerhof <Cecil@decebal.nl> - 2015-05-08 13:55 +0200
Re: To pickle or not to pickle Chris Angelico <rosuav@gmail.com> - 2015-05-08 22:53 +1000
Re: To pickle or not to pickle Cecil Westerhof <Cecil@decebal.nl> - 2015-05-08 16:34 +0200
Re: To pickle or not to pickle Chris Angelico <rosuav@gmail.com> - 2015-05-09 01:11 +1000
Re: To pickle or not to pickle Cecil Westerhof <Cecil@decebal.nl> - 2015-05-08 18:43 +0200
Re: To pickle or not to pickle Cem Karan <cfkaran2@gmail.com> - 2015-05-08 06:27 -0400
csiph-web