mirrors/cpython
1
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-09-26 18:29:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

#8855: add shelve security warning.

Browse source
This commit is contained in:
Georg Brandl 2010-10-17 09:37:54 +00:00
parent 96115fb2d3
commit 7716ca6cdd
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
Doc/library/shelve.rst
View file

@ -43,6 +43,11 @@ lots of shared sub-objects. The keys are ordinary strings.
:meth:`close` explicitly when you don't need it any more, or use a :meth:`close` explicitly when you don't need it any more, or use a
:keyword:`with` statement with :func:`contextlib.closing`. :keyword:`with` statement with :func:`contextlib.closing`.
.. warning::
Because the :mod:`shelve` module is backed by :mod:`pickle`, it is insecure
to load a shelf from an untrusted source. Like with pickle, loading a shelf
can execute arbitrary code.
Shelf objects support all methods supported by dictionaries. This eases the Shelf objects support all methods supported by dictionaries. This eases the
transition from dictionary based scripts to those requiring persistent storage. transition from dictionary based scripts to those requiring persistent storage.