On 2013.08.27 12:44, Paul Pittlerson wrote:
> Security issue!? Do you mean someone could enter devious python h4xx into the
> chat or something? I had no idea using pickle was so dangerous, but I don't
> know any other method of transmitting data in python :(
JSON, XML, or any other format that doesn't have the capacity to serialize
directly executable Python code. Pickles are okay for internal
data from trusted sources, but don't accept pickles from anyone you don't trust.
JSON is simple, easy, and can handle the common data types, and there is a
module for it in the stdlib. It's also a standard format you can
use in pretty much any language, and it's human readable.
--
CPython 3.3.2 | Windows NT 6.2.9200 / FreeBSD 9.1
--
http://mail.python.org/mailman/listinfo/python-list
