Path: csiph.com!usenet.pasdenom.info!weretis.net!feeder4.news.weretis.net!newsreader4.netcologne.de!news.netcologne.de!xlned.com!feeder1.xlned.com!newsfeed.xs4all.nl!newsfeed3.news.xs4all.nl!xs4all!newsgate.cistron.nl!newsgate.news.xs4all.nl!post.news.xs4all.nl!not-for-mail Return-Path: X-Original-To: python-list@python.org Delivered-To: python-list@mail.python.org X-Spam-Status: OK 0.003 X-Spam-Evidence: '*H*': 0.99; '*S*': 0.00; 'cpython': 0.05; 'xml,': 0.05; 'json': 0.07; 'executable': 0.09; 'okay': 0.09; 'subject:How': 0.10; 'python': 0.11; 'language,': 0.12; 'windows': 0.15; 'dangerous,': 0.16; 'json,': 0.16; 'sources,': 0.16; 'stdlib.': 0.16; 'types,': 0.16; 'wrote:': 0.18; 'code.': 0.18; 'module': 0.19; 'header:User-Agent:1': 0.23; 'paul': 0.24; 'header :In-Reply-To:1': 0.27; 'idea': 0.28; "doesn't": 0.30; 'received:10.0.0': 0.31; 'easy,': 0.31; 'pickle': 0.31; 'anyone': 0.31; 'could': 0.34; 'common': 0.35; 'but': 0.35; 'received:google.com': 0.35; 'there': 0.35; 'method': 0.36; 'subject:?': 0.36; 'received:10.0': 0.36; 'received:10': 0.37; 'message-id:@gmail.com': 0.38; 'handle': 0.38; 'to:addr:python- list': 0.38; 'to:addr:python.org': 0.39; 'simple,': 0.60; '9.1': 0.84; 'freebsd': 0.84; 'subject:check': 0.84; 'transmitting': 0.84 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=bME0qVoZTrif1hSvmnPXGbUwALmtUoZf136MPEBwfQE=; b=qmD+IfzbV/OxTPeV4ND+kVti19pVhzEYxshj3aTYV+HZbNbWpgFt4pZdq5QktkIwCo x9kkj6ejnJCMNtbUlIbMEtXmC+nWpf+5ksCkK+fJ0/pQLx743uFYsOCvAtFOSGE1Dw3u zJUgNUhxzNcU0eXS3L+s3I76J1wYSjT6J9Y9aaCdvQAt7RmuDoZ5yWT4CvLeCC6UExok u8yFtObN/F/aIvncB+VWO2tU5wYRJyS9PLNLXwDQz+RNOLAeQb/5hPFb4zcCVtyeml7S HrLtzXCNyghqUYCUQTnOcfHUCjvb4yTpcHfU6egz4p9ZffVkRmxSRg9P+ir+3CPqJo+i 1h0g== X-Received: by 10.50.25.196 with SMTP id e4mr10639757igg.42.1377634643106; Tue, 27 Aug 2013 13:17:23 -0700 (PDT) Date: Tue, 27 Aug 2013 15:17:11 -0500 From: Andrew Berg User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/20130801 Thunderbird/17.0.8 MIME-Version: 1.0 To: "comp.lang.python" Subject: Re: How to check client shutdown? References: <2f3e7c96-45a7-485c-bfc7-18bf9841114b@googlegroups.com> In-Reply-To: <2f3e7c96-45a7-485c-bfc7-18bf9841114b@googlegroups.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-BeenThere: python-list@python.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: General discussion list for the Python programming language List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Newsgroups: comp.lang.python Message-ID: Lines: 8 NNTP-Posting-Host: 2001:888:2000:d::a6 X-Trace: 1377634652 news.xs4all.nl 15946 [2001:888:2000:d::a6]:47520 X-Complaints-To: abuse@xs4all.nl Xref: csiph.com comp.lang.python:53088 On 2013.08.27 12:44, Paul Pittlerson wrote: > Security issue!? Do you mean someone could enter devious python h4xx into the chat or something? I had no idea using pickle was so dangerous, but I don't know any other method of transmitting data in python :( JSON, XML, or any other format that doesn't have the capacity to serialize directly executable Python code. Pickles are okay for internal data from trusted sources, but don't accept pickles from anyone you don't trust. JSON is simple, easy, and can handle the common data types, and there is a module for it in the stdlib. It's also a standard format you can use in pretty much any language, and it's human readable. -- CPython 3.3.2 | Windows NT 6.2.9200 / FreeBSD 9.1