[Python-Dev] Pickle alternative in stdlib (Was: On breaking modules into packages)
Marcel Hellkamp marc at gsites.de
Fri Nov 5 01:21:41 CET 2010
On 04.11.2010 17:15, anatoly techtonik wrote:
> pickle is insecure, marshal too.
If the transport or storage layer is not safe, you should cryptographically sign the data anyway::
    import base64
    import hmac
    import pickle

    def pickle_encode(data, key):
        # Pickle with the highest protocol; base64 keeps the payload cookie-safe
        msg = base64.b64encode(pickle.dumps(data, -1))
        # hmac.new() without a digestmod falls back to MD5 on Python 2
        sig = base64.b64encode(hmac.new(key, msg).digest())
        return sig + ':' + msg

    def pickle_decode(data, key):
        if data and ':' in data:
            sig, msg = data.split(':', 1)
            # Recompute the tag over the received payload; unpickle only if it matches
            if sig == base64.b64encode(hmac.new(key, msg).digest()):
                return pickle.loads(base64.b64decode(msg))
        raise pickle.UnpicklingError("Wrong or missing signature.")
Bottle (a web framework) uses a similar approach to store non-string data in client-side cookies. I don't see a (security) problem here.
--
Kind regards,
Marcel Hellkamp
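A Python 3 version of the same sign-then-unpickle scheme, added here as an example and not code from the post or from Bottle: it names the digest explicitly (SHA-256 instead of the Python 2 default of MD5), uses hmac.compare_digest so the check does not leak timing, and includes a helper that shows a payload modified after signing is refused before pickle.loads ever runs. The key and the sample data are constructed for the demo.

```python
import base64
import hashlib
import hmac
import pickle

SEP = b":"


def pickle_encode(data, key):
    """Pickle data, base64 it, and prefix an HMAC-SHA256 tag over the encoded payload."""
    msg = base64.b64encode(pickle.dumps(data, protocol=pickle.HIGHEST_PROTOCOL))
    sig = base64.b64encode(hmac.new(key, msg, hashlib.sha256).digest())
    return sig + SEP + msg


def pickle_decode(token, key):
    """Verify the tag first; only a payload that authenticates reaches pickle.loads."""
    if not token or SEP not in token:
        raise pickle.UnpicklingError("Wrong or missing signature.")
    sig, msg = token.split(SEP, 1)
    expected = base64.b64encode(hmac.new(key, msg, hashlib.sha256).digest())
    # Constant-time comparison: response timing reveals nothing about the tag
    if not hmac.compare_digest(sig, expected):
        raise pickle.UnpicklingError("Wrong or missing signature.")
    return pickle.loads(base64.b64decode(msg))


def rejects(token, key):
    """True if decoding the token under this key raises the signature error."""
    try:
        pickle_decode(token, key)
    except pickle.UnpicklingError:
        return True
    return False


def tamper_is_rejected(key):
    """Flip one byte of a signed payload and confirm the decoder refuses it."""
    token = pickle_encode({"user": "alice", "admin": False}, key)  # constructed sample
    sig, msg = token.split(SEP, 1)
    raw = bytearray(base64.b64decode(msg))
    raw[-1] ^= 0x01  # payload changed, tag left as-is
    forged = sig + SEP + base64.b64encode(bytes(raw))
    return rejects(forged, key)
```

The tag only protects integrity while the key stays secret: anything signed with the key is still handed to pickle.loads, so the key deserves the same handling as any other credential.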