This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author dcjim
Recipients
Date 2001-11-12.18:14:14
SpamBayes Score
Marked as misclassified
Message-id
In-reply-to
Content 
Logged In: YES 
user_id=73023

It sounds like there are some documentation bugs:

- The security ramifications are not discussed, nor are the
remedies.

- The cPickle module isn't documented very well. I submitted
some
   documentation a long time ago that never got incorporated
AFAIK.
   I wish I still had it. :)

- cPickle has a feature for turning off instance support and
for 
   restricting which classes can be unpickled. You can set
the find_global
   attribute on a cPickle.Unpickler. The find_global
attribute can be 
   a function or None.  If it is None, then no instances can
be 
   unpickled. If it is a function, then it should accept a
module and name
   and return the corresponding global. It is responsible
for looking
   up the global and can raise an error to prevent a
global's use.

   See the ZEO storage server implementation for an example
   of using this hook.
History
Date User Action Args
2007-08-23 13:56:49adminlinkissue471893 messages
2007-08-23 13:56:49admincreate