Skip to content

C
cpython
Commit 110953d6 authored by Georg Brandl's avatar Georg Brandl
Browse files
Options

Closes #19061: make shelve security warning consistent between 2.x and 3.x.

parent 254a3772
Show whitespace changes
Inline Side-by-side
Showing with 5 additions and 3 deletions
Doc/library/shelve.rst
View file @ 110953d6
...@@ -47,9 +47,11 @@ lots of shared sub-objects. The keys are ordinary strings. ...@@ -47,9 +47,11 @@ lots of shared sub-objects. The keys are ordinary strings.
Like file objects, shelve objects should be closed explicitly to ensure Like file objects, shelve objects should be closed explicitly to ensure
that the persistent data is flushed to disk. that the persistent data is flushed to disk.
Since the :mod:`shelve` module stores objects using :mod:`pickle`, the same .. warning::
security precautions apply. Accordingly, you should avoid loading a shelf
from an untrusted source. Because the :mod:`shelve` module is backed by :mod:`pickle`, it is insecure
to load a shelf from an untrusted source. Like with pickle, loading a shelf
can execute arbitrary code.
Shelf objects support all methods supported by dictionaries. This eases the Shelf objects support all methods supported by dictionaries. This eases the
transition from dictionary based scripts to those requiring persistent storage. transition from dictionary based scripts to those requiring persistent storage.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7