Pickle and marshal are not safe. They can do harmful things if fed maliciously constructed data. That is a pity, because marshal is fast. I need a fast and safe (secure) marshaler. Is xdrlib the only option? I would expect that it is fast and safe because it (the xdr spec) has been around for so long.
Or are there better options (perhaps 3rd party libraries)?
Thanks
Irmen.
What exactly do you mean by "safe" ? Do you want to ensure your objects cannot receive corrupted data ? Do you want to ensure no code will be evaluated during the unmarshalling ?
Please, be more precise,
Pierre -- http://mail.python.org/mailman/listinfo/python-list
