diff -r c347b9063a9e Doc/tutorial/inputoutput.rst --- a/Doc/tutorial/inputoutput.rst Thu Aug 29 18:33:50 2013 -0700 +++ b/Doc/tutorial/inputoutput.rst Fri Aug 30 17:00:06 2013 -0700 @@ -383,6 +383,11 @@ ------------------------ .. index:: module: pickle +.. warning:: + + The :mod:`pickle` module is not intended to be secure against erroneous or + maliciously constructed data. Never unpickle data received from an untrusted + or unauthenticated source. Strings can easily be written to and read from a file. Numbers take a bit more effort, since the :meth:`read` method only returns strings, which will have to
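Review bot: the added ``.. warning::`` body says "Never unpickle data received from an untrusted or unauthenticated source" but never states the consequence, and a tutorial reader has no reason to know it. Add one sentence saying that unpickling can execute arbitrary code chosen by whoever produced the data, and link to the :mod:`pickle` reference for details. Placement is a second point: the warning sits between ``.. index:: module: pickle`` and the opening paragraph "Strings can easily be written to and read from a file", so it appears before the visible section text has mentioned pickle at all, and it separates the index entry from the paragraph it was attached to. Consider moving the warning to follow the paragraph that first introduces pickling, leaving the index directive directly ahead of the section text.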