Hello
I've never run into a discussion on pickle vs marshal, but clearly if
the point is to exchange data between different clients, or to store it,
pickle is the preferred solution, as masrhal is really too low level and
its format too unstable.
Indeed, the problem of pickle is that at the contrary, it transmits too
much information, including executable code, etc, so it's a security risk.
If you only need to transmit data, like objects (without their methods),
arrays, dicts etc. over networks or time, I'd advise a dedicated
solution like json or xml, for which python as easy serializers.
Regards,
Pascal
Lawson English a écrit :
Marshalling is only briefly mentioned in most python books I have, and
"pickling" is declared teh preferred method for serialization.
I read somewhere that Marshalling is version-dependent while pickling
is not, but can't find that reference. OTOH, pickling can lead to
loading of malicious code (I understand) while marshalling only
handles basic Python types?
Could anyone point me to a reasonable discussion of the pros and cons
of each method for serialization?
Thanks.
Lawson
--
http://mail.python.org/mailman/listinfo/python-list
--
http://mail.python.org/mailman/listinfo/python-list
