OpenID Libraries should be stateless
Kevin Turner
kevin at janrain.com
Tue Feb 5 11:20:05 PST 2008
On Tue, 2008-02-05 at 12:32 +0100, Wichert Akkerman wrote:
> Never ever use pickles for something like that: the pickle format is not
> just a marshalling format: a pickle can contain arbitraty python code
> which is executed when the pickle is unpacked. That means that using
> pickles opens an easy attack vector into your application.
This is a good point. But regardless of the particulars of the
marshalling format, if you're trusting the user-agent to store it, you
need to make sure it's not tampered with while it's there. So it should
be signed or encrypted. And once you've made it tamper-proof, pickle's
vulnerabilities are less relevant.
More information about the Dev
mailing list