[Python-Dev] Pickle security and remote logging (original) (raw)
Guido van Rossum guido at python.org
Wed Jun 30 01:41:52 CEST 2010
- Previous message: [Python-Dev] Pickle security and remote logging
- Next message: [Python-Dev] Pickle security and remote logging
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Jun 29, 2010 at 4:22 PM, anatoly techtonik <techtonik at gmail.com> wrote:
On Tue, Jun 29, 2010 at 6:15 PM, Vinay Sajip <vinaysajip at yahoo.co.uk> wrote:
I've updated the documentation of SocketHandler.makePickle to mention security concerns, and that the method can be overridden to use a more secure implementation (e.g. HMAC-signed pickles). Thanks. But I doubt HMAC complication helps to protect logging server. If shared key is compromised -server becomes vulnerable. I would prefer approach when no code execution is possible. Some alternative serialization way for transmitting log data structures over network. Protocol buffers first come in mind, but they seem to be an overkill, and stdlib doesn't include any implementation.
You could use marshal by default. It does not execute code when unmarshalling. A limitation is that it only supports built-in types like list, dict, string etc. but that might be just fine for logging data. Another option would be JSON. (Or XML, if you want bulky. :-)
As for protocol buffers, assuming its absence (so far :-) from the stdlib is the only objection, how hard would it be to make the logging package "prepared" so that if one did have protocol buffers installed, it would be a one-line config setting to use them?
-- --Guido van Rossum (python.org/~guido)
- Previous message: [Python-Dev] Pickle security and remote logging
- Next message: [Python-Dev] Pickle security and remote logging
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]