Re: [pypy-dev] Use of marshal in the sandbox: is stdlib marshal OK?

2011-12-27 Thread lahwran
it will become an issue if there is a bug in the marshal code inside pypy-c-sandbox which is /creating/ the marshalled data, a bug that would allow a sandboxed program to alter the marshalled data in such a way that it can exploit the vulnerability of the stdlib marshal. Doesn't sound too likely, b

[pypy-dev] Use of marshal in the sandbox: is stdlib marshal OK?

2011-12-27 Thread Ned Batchelder
The sandbox uses pypy's own implementation of marshal. In pypy/translator/sandbox/sandlib.py is this comment:

    # Note: we use lib_pypy/marshal.py instead of the built-in marshal
    # for two reasons. The built-in module could be made to segfault
    # or be attackable in other ways by sending maliciou

[pypy-dev] Leysin Winter Sprint

2011-12-27 Thread Armin Rigo
= PyPy Leysin Winter Sprint (15-22nd January 2012) =

The next PyPy sprint will be in Leysin, Switzerland, for the eighth time. This is a fully public sp