Am 2011年4月19日 19:28:50 -0700 (PDT) schrieb Jean-Paul Calderone <calderone.jeanpaul at gmail.com>: > It is completely insecure. Do not use pickle and > sockets together. Yes pickle is like eval, but that doesnt mean that one should never ever use it over a socket connection. What about ssl sockets where client and server authenticate each other? Or you encrypt the pickle dump with symmetric encryption and only load it if you can decrypt it? There are ways to ensure that the data you get can be handled as trusted. Greets Basti -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: not available URL: <http://mail.python.org/pipermail/python-list/attachments/20110420/447b272c/attachment-0001.sig>