Alexandre Vassalotti <alexan...@peadrop.com> added the comment: The security issue mentioned previously has been known for years. And, it is easy to protect against. See http://docs.python.org/py3k/library/pickle.html#restricting-globals
Also I am against adding pickling support to code objects. Code objects have no backward-compatibility constraint unlike pickles. Antoine is right about we should be using a method fully-qualified name to pickle it. However, the problem with this approach is a method doesn't always have fully-qualified name (see issue3657). ForkingPickler in Lib/multiprocessing/forking.py uses this approach to add pickling support to methods. ---------- _______________________________________ Python tracker <rep...@bugs.python.org> <http://bugs.python.org/issue9276> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
