classification
Title: Big red pickle security warning should stress the point even more
Type: security Stage: resolved
Components: Documentation Versions: Python 3.9, Python 3.8
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: docs@python Nosy List: docs@python, lordmauve, rhettinger
Priority: normal Keywords: patch

Created on 2019-08-29 13:28 by lordmauve, last changed 2019-08-31 06:02 by rhettinger. This issue is now closed.

Pull Requests
URL Status Linked Edit
PR 15595 merged lordmauve, 2019-08-29 13:32
PR 15629 merged miss-islington, 2019-08-31 05:52
Messages (3)
msg350777 - (view) Author: Daniel Pope (lordmauve) * Date: 2019-08-29 13:28
CVEs related to unpickling untrusted data continue to come up a few times a year:

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=pickle

This is certainly the tip of the iceberg. In a previous role I noted several internal services that could be compromised with maliciously crafted pickles. In my current role I can already see two internal services that look vulnerable. And in both organisations, little attention was paid to pickle data exchanged with other users over network filesystems, which may allow privilege escalation.

Chatting to Alex Willmer after his Europython talk in 2018 (https://github.com/moreati/pickle-fuzz/blob/master/Rehabilitating%20Pickle.pdf) we discussed that the red warning in the docs is still not prominent enough, even after moving it to the top of the page in https://bugs.python.org/issue9105.

The warning currently says:

"Warning: The pickle module is not secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source."

I would suggest several improvements:

* Simpler, more direct English.
* Explain the severity of vulnerability that doing this will cause.
* Link to the hmac module which can be used to prevent tampering.
* Link to the json module which is safer if less powerful.
* Simply making the red box bigger (adding more text) will increase the prominence of the warning.
msg350908 - (view) Author: Raymond Hettinger (rhettinger) * (Python committer) Date: 2019-08-31 05:51
New changeset daa82d019c52e95c3c57275307918078c1c0ac81 by Raymond Hettinger (Daniel Pope) in branch 'master':
bpo-37977: Warn more strongly and clearly about pickle security (GH-15595)
https://github.com/python/cpython/commit/daa82d019c52e95c3c57275307918078c1c0ac81
msg350909 - (view) Author: Raymond Hettinger (rhettinger) * (Python committer) Date: 2019-08-31 06:02
New changeset 6922b9e4fce635339cb94c2fdef6bba4e2a99621 by Raymond Hettinger (Miss Islington (bot)) in branch '3.8':
bpo-37977: Warn more strongly and clearly about pickle security (GH-15595) (GH-15629)
https://github.com/python/cpython/commit/6922b9e4fce635339cb94c2fdef6bba4e2a99621
History
Date User Action Args
2019-08-31 06:02:42rhettingersetstatus: open -> closed
resolution: fixed
stage: patch review -> resolved
2019-08-31 06:02:18rhettingersetmessages: + msg350909
2019-08-31 05:52:21miss-islingtonsetpull_requests: + pull_request15297
2019-08-31 05:51:36rhettingersetnosy: + rhettinger
messages: + msg350908
2019-08-29 13:32:53lordmauvesetkeywords: + patch
stage: patch review
pull_requests: + pull_request15271
2019-08-29 13:28:33lordmauvecreate