Irmen de Jong <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>...
> Pierre Barbier de Reuille wrote:
> > Irmen de Jong wrote:
> >
> >> Pickle and marshal are not safe. They can do harmful
> >> things if fed maliciously constructed data.
> >> That is a pity, because marshal is fast.
> >> I need a fast and safe (secure) marshaler.
> >> Is xdrlib the only option?
> >> I would expect that it is fast and safe because
> >> it (the xdr spec) has been around for so long.
> >>
> >> Or are there better options (perhaps 3rd party libraries)?
> >>
> >> Thanks
> >>
> >> Irmen.
> >
> >
> > What exactly do you mean by "safe"? Do you want to ensure your objects
> > cannot receive corrupted data? Do you want to ensure no code will be
> > evaluated during the unmarshalling?
>
> "safe (secure)"
> But to be more precise, let's look at the security warning that
> is in the marshal documentation:
> "The marshal module is not intended to be secure against erroneous or
> maliciously constructed data. Never unmarshal data received from an
> untrusted or unauthenticated source."
>
> So essentially I want the opposite of that ;-)
>
> I want a marshaler that is okay to use where the data it processes
> comes from unknown, external sources (untrusted). It should not crash
> on corrupt data and it should not execute arbitrary code when
> unmarshaling, so that it is safe against hacking attempts.
>
> Oh, preferably, it should be fast :)
> Some XML-ish thing may be secure but is likely to be not fast at all.
>
> Ideally it should be able to transfer user defined Python types,
> but if it is like marshal (can only marshal builtin types) that's
> okay too.
>
> --Irmen
I'm just curious, but can't effbot's fast cElementTree be used for Pyro's XML_PICKLE, and would it be safe and fast enough?

Carl

--
http://mail.python.org/mailman/listinfo/python-list
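The requirement quoted above (no crash on corrupt input, no code execution on load, builtin types are enough) can be met with the standard pickle module rather than marshal, because pickle exposes the one hook that matters: every callable or class a payload names goes through Unpickler.find_class, and marshal has no equivalent hook. The following is an added example, not code from this thread, from Pyro or from the Python standard library; it follows the restricted-Unpickler pattern described in the pickle module documentation. The names RejectedData, safe_loads, SAFE_BUILTINS, MAX_BYTES and Payload, and the sample payloads, are this example's own constructions.

```python
"""Added example (not from the thread, Pyro or the stdlib): load pickle data
from an untrusted source without letting it run code or crash the caller.
Subclassing pickle.Unpickler keeps the C implementation, so the speed cost
of the safelist check is one dict lookup per GLOBAL opcode."""
import builtins
import io
import pickle

# Builtin types that may legitimately appear as GLOBAL references in a pickle
# of plain data. int, float, str, bytes, bool, None, list, tuple and dict use
# dedicated opcodes and never reach find_class, so they need no entry.
SAFE_BUILTINS = frozenset({
    "set", "frozenset", "bytearray", "range", "slice", "complex",
})

MAX_BYTES = 1 << 20  # assumption: refuse anything over 1 MiB before parsing


class RejectedData(ValueError):
    """Single error for payloads that are corrupt or reference code."""


class RestrictedUnpickler(pickle.Unpickler):
    def find_class(self, module, name):
        # Called for every GLOBAL/STACK_GLOBAL opcode. Resolving a name here
        # is what lets a payload call os.system, eval, etc. Only the builtin
        # safelist is resolved; no other module is ever imported.
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def safe_loads(data: bytes):
    """Deserialize untrusted bytes; raise RejectedData instead of crashing."""
    if len(data) > MAX_BYTES:
        raise RejectedData("payload too large")
    try:
        return RestrictedUnpickler(io.BytesIO(data)).load()
    except (pickle.UnpicklingError, EOFError, ValueError, TypeError,
            AttributeError, IndexError, KeyError, OverflowError,
            MemoryError, RecursionError) as exc:
        # Truncated, garbage and hostile input all surface as one exception
        # so the caller can log and drop the message.
        raise RejectedData(f"rejected pickle payload: {exc}") from exc


def rejects(data: bytes) -> bool:
    """True if safe_loads refuses the payload."""
    try:
        safe_loads(data)
    except RejectedData:
        return True
    return False


class Payload:
    """Stand-in for an attacker-built object: its pickle instructs the loader
    to call eval. A real attack would name os.system or subprocess.Popen."""
    def __reduce__(self):
        return (eval, ("2 ** 10",))


def hostile_payload() -> bytes:
    return pickle.dumps(Payload())


def demo() -> str:
    # Plain data round-trips through the restricted loader unchanged
    # (complex and range do go through find_class and are safelisted).
    doc = {"ids": [1, 2, 3], "z": 1 + 2j, "r": range(0, 10, 2),
           "tags": {"a", "b"}, "raw": b"\x00\xff", "ok": True, "n": None}
    assert safe_loads(pickle.dumps(doc)) == doc

    hostile = hostile_payload()
    # Plain pickle.loads executes the callable and returns eval's result.
    assert pickle.loads(hostile) == 1024
    # The restricted loader refuses before eval is ever resolved.
    assert rejects(hostile)

    # Truncated and garbage input are rejected, not turned into tracebacks.
    for corrupt in (pickle.dumps(doc)[:-5], b"\x80\x05garbage", b""):
        assert rejects(corrupt)
    return "ok"


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner should keep in mind: the safelist blocks code execution, but a deeply nested or memoize-heavy payload can still cost CPU and memory up to the size cap, so the cap is part of the defence, not an optimisation; and the same trick cannot be applied to marshal, which is the reason the example switches modules.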