mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-07-30 06:34:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

#8855: add shelve security warning.

Browse source
This commit is contained in:
Georg Brandl 2010-10-17 09:37:54 +00:00
parent 96115fb2d3
commit 7716ca6cdd
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
Doc/library/shelve.rst
View file

@ -43,6 +43,11 @@ lots of shared sub-objects. The keys are ordinary strings.
:meth:`close` explicitly when you don't need it any more, or use a
:keyword:`with` statement with :func:`contextlib.closing`.
.. warning::
Because the :mod:`shelve` module is backed by :mod:`pickle`, it is insecure
to load a shelf from an untrusted source. Like with pickle, loading a shelf
can execute arbitrary code.
Shelf objects support all methods supported by dictionaries. This eases the
transition from dictionary based scripts to those requiring persistent storage.