Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #3657

Re: Pickling over a socket

Date 2011-04-20 08:44 +0200
From Bastian Ballmann <balle@chaostal.de>
Subject Re: Pickling over a socket
References <61890800-f81a-4a1e-8905-a0237407f016@a21g2000prj.googlegroups.com> <BANLkTi=1d4k6QfscN_F_fPddznfQUuY6wA@mail.gmail.com> <mailman.582.1303241870.9059.python-list@python.org> <7744bf8c-0df6-4dc9-a977-7234d571643f@r4g2000prm.googlegroups.com> <7a56699d-7387-49a0-8c4f-f794df43df00@22g2000prx.googlegroups.com>
Newsgroups comp.lang.python
Message-ID <mailman.619.1303281905.9059.python-list@python.org> (permalink)

Show all headers | View raw

[Multipart message — attachments visible in raw view] - view raw

Am Tue, 19 Apr 2011 19:28:50 -0700 (PDT)
schrieb Jean-Paul Calderone <calderone.jeanpaul@gmail.com>:

> It is completely insecure.  Do not use pickle and
> sockets together.

Yes pickle is like eval, but that doesnt mean that one should never
ever use it over a socket connection. 
What about ssl sockets where client and server authenticate each other?
Or you encrypt the pickle dump with symmetric encryption and only load
it if you can decrypt it? There are ways to ensure that the data you
get can be handled as trusted.
Greets

Basti

Back to comp.lang.python | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

Pickling over a socket Roger Alexander <rtalexander@mac.com> - 2011-04-19 11:53 -0700
  Re: Pickling over a socket Chris Rebert <clp2@rebertia.com> - 2011-04-19 12:21 -0700
  Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 05:29 +1000
  Re: Pickling over a socket Dan Stromberg <drsalists@gmail.com> - 2011-04-19 12:30 -0700
  Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 05:37 +1000
    Re: Pickling over a socket Roger Alexander <rtalexander@mac.com> - 2011-04-19 15:27 -0700
      Re: Pickling over a socket Jean-Paul Calderone <calderone.jeanpaul@gmail.com> - 2011-04-19 19:28 -0700
        Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 08:44 +0200
        Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 16:59 +1000
        Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 09:34 +0200
          Re: Pickling over a socket Thomas Rachel <nutznetz-0c1b6768-bfa9-48d5-a470-7603bd3aa915@spamschutz.glglgl.de> - 2011-04-20 10:25 +0200
            [OT] Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 10:59 +0200
        Re: Pickling over a socket Chris Angelico <rosuav@gmail.com> - 2011-04-20 19:26 +1000
        Re: Pickling over a socket Bastian Ballmann <balle@chaostal.de> - 2011-04-20 11:41 +0200

csiph-web