On Fri, 9 Mar 2012 23:51:40 +0100 Masklinn <masklinn at masklinn.net> wrote: > On 2012年03月09日, at 23:42 , Antoine Pitrou wrote: > > On 2012年3月10日 01:36:53 +0300 > > anatoly techtonik <techtonik at gmail.com> > > wrote: > >> Pickle is insecure, > > > > http://docs.python.org/dev/library/pickle.html#restricting-globals >> Even with that, isn't Pickle open to the same issues `eval` > (with restricted locals and globals) is, of innocuous code giving > indirect access to "unsafe" structures and functions? I don't know, does anyone have a proof-of-concept exploit for that? Regards Antoine.