'%3e%3crect%20width='80'%20height='80'%20fill='%23eaf5f6'%3e%3c/rect%3e%3crect%20x='10'%20y='30'%20width='80'%20height='10'%20fill='%233fa1a8'%20transform='translate(-20%20-20)%20rotate(182%2040%2040)'%3e%3c/rect%3e%3ccircle%20cx='40'%20cy='40'%20fill='%23b1e2e5'%20r='16'%20transform='translate(12%2012)'%3e%3c/circle%3e%3cline%20x1='0'%20y1='40'%20x2='80'%20y2='40'%20stroke-width='2'%20stroke='%23b1ecf4'%20transform='translate(-4%20-4)%20rotate(4%2040%2040)'%3e%3c/line%3e%3c/g%3e%3c/svg%3e)
Playing with Pickle Security
By Nicolas Lara on
Reading about the latest vulnerabilities in Rails, got me thinking about a similar issue we have in Python. It is well known that using pickle on untrusted data is insecure to the point of allowing arbitrary code execution. Or at …
![Image for How We Work [talk]](data:image/svg+xml,%3csvg%20viewBox='0%200%2080%2080'%20fill='none'%20role='img'%20xmlns='http://www.w3.org/2000/svg'%20width='80'%20height='80'%3e%3ctitle%3eAmelia%20Boynton%3c/title%3e%3cmask%20id='mask__bauhaus'%20maskUnits='userSpaceOnUse'%20x='0'%20y='0'%20width='80'%20height='80'%3e%3crect%20width='80'%20height='80'%20fill='%23FFFFFF'%3e%3c/rect%3e%3c/mask%3e%3cg%20mask='url(%23mask__bauhaus)'%3e%3crect%20width='80'%20height='80'%20fill='%233fa1a8'%3e%3c/rect%3e%3crect%20x='10'%20y='30'%20width='80'%20height='10'%20fill='%23b1e2e5'%20transform='translate(-8%208)%20rotate(304%2040%2040)'%3e%3c/rect%3e%3ccircle%20cx='40'%20cy='40'%20fill='%23b1ecf4'%20r='16'%20transform='translate(9%209)'%3e%3c/circle%3e%3cline%20x1='0'%20y1='40'%20x2='80'%20y2='40'%20stroke-width='2'%20stroke='%2351d0d9'%20transform='translate(-8%20-8)%20rotate(248%2040%2040)'%3e%3c/line%3e%3c/g%3e%3c/svg%3e)