It is common knowledge that pickle is a serious security risk. And yet, vulnerabilities involving that serialisation format keep happening. In the article I briefly describe the issue and appeal to people to stop using pickle.
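As an added example (not part of the original post or the linked article), the mitigation the Python documentation itself recommends when pickle cannot be avoided: an `Unpickler` subclass whose `find_class` resolves only an explicit allowlist of globals. The allowlist contents, the `CallsPrint` class and both payloads are constructed here for the demonstration; `print` stands in for whatever callable a sender could name in the byte stream.

```python
# Added example: restricted unpickling with an allowlist, next to the
# unrestricted loader the post warns about. All names below are constructed
# for this demonstration and are not from the original post.
import collections
import io
import pickle

# Globals the loader may resolve. Anything else, including every callable the
# sender could reference from the byte stream, is refused.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler whose find_class consults an allowlist instead of importing freely."""

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is not on the allowlist")


def restricted_loads(data: bytes):
    """Deserialise with the allowlist in force."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def unrestricted_loads(data: bytes):
    """Plain pickle.loads: resolves and calls whatever global the stream names."""
    return pickle.loads(data)


class CallsPrint:
    """Constructed object whose pickled form instructs the loader to call
    builtins.print. print is harmless; the mechanism is identical for any
    importable callable, which is why the allowlist refuses all of them."""

    def __reduce__(self):
        return (print, ("unpickling executed a caller-chosen function",))


def make_callable_payload() -> bytes:
    """Constructed stream that references builtins.print."""
    return pickle.dumps(CallsPrint())


def make_data_payload() -> bytes:
    """Constructed stream holding only data plus one allowlisted class."""
    return pickle.dumps(collections.OrderedDict(user="alice", roles=["admin"]))


def load_outcome(data: bytes) -> str:
    """Return 'accepted' or 'rejected' depending on whether the allowlist lets data through."""
    try:
        restricted_loads(data)
    except pickle.UnpicklingError:
        return "rejected"
    return "accepted"


if __name__ == "__main__":
    callable_payload = make_callable_payload()
    # The unrestricted loader runs print() and returns its result, None.
    print("unrestricted loader returned:", unrestricted_loads(callable_payload))
    print("restricted loader:", load_outcome(callable_payload))
    print("plain data:", load_outcome(make_data_payload()))
```

The allowlist shrinks the reachable surface to the classes you name, but it does not change the underlying design: the stream still drives a small virtual machine that calls callables, so for untrusted input a data-only format remains the better answer, which is the post's point.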

  • mina86@lemmy.wtf (OP) · 2 upvotes · 14 days ago

    Writing software carries a non-zero risk. If compiling was part of building the package rather than manually committed to the repository, things would work. And that would make the design have no essential binary blob.

    • logging_strict · 1 upvote · 11 days ago

      project cost = sigma(1...n)(risk likelihood of occurring * risk cost), but we aren’t discussing every possible risk. Only the one risk.

      The risk of having to:

      • for the app to work, requires compiled components
      • having to be familiar with setup.py. This is referred to as the sewer, which is what is targeted by hackers e.g. xv
      • maintainers who come later being familiar and able to maintain packages that incorporate other languages e.g. C or Rust
      • possibly neglecting to perform the compile (but let's ignore this)
      • compiler runs a binary written and maintained by the spy agency Google

      or

      Just not doing that

      The only justification for going with protoc, over other methods, could only come down to data serialization speed. But in that case, wouldn't a Rust solution be not only as fast, but also much safer?