
Dangerous Pickles – Malicious Data Serialization in Python - foob
https://intoli.com/blog/dangerous-pickles/
======
calebm
It's quite simple: they are executable code.

------
philsnow
pickle is neat, but so is eval.

~~~
Doxin
And both are easily avoided with a little work.
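
What the comments above describe, as an added example that is not part of the thread or the linked article: a pickle stream can name a callable for the loader to invoke, and an `Unpickler` subclass that overrides `find_class` with an allowlist (the approach described in the Python `pickle` documentation) refuses it. `ALLOWED_GLOBALS`, `AllowlistUnpickler`, `safe_loads` and the `CallsOnLoad` sample are names made up for this example.

```python
import io
import pickle

# Assumption for this example: the only globals a trusted payload may name.
ALLOWED_GLOBALS = {("builtins", "set"), ("builtins", "frozenset")}


class AllowlistUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global outside ALLOWED_GLOBALS."""

    def find_class(self, module, name):
        # Every GLOBAL/STACK_GLOBAL opcode is resolved through this hook, so
        # rejecting here stops the callable from ever being looked up.
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global: {module}.{name}")


def safe_loads(data: bytes):
    """Deserialize data, allowing plain containers plus ALLOWED_GLOBALS."""
    return AllowlistUnpickler(io.BytesIO(data)).load()


class CallsOnLoad:
    """Constructed sample: its pickle asks the loader to call len("abc")."""

    def __reduce__(self):
        return (len, ("abc",))


def demo():
    plain = pickle.dumps({"user": "alice", "roles": {"admin", "dev"}})
    reducing = pickle.dumps(CallsOnLoad())
    results = {"plain": safe_loads(plain)}
    # pickle.loads calls what the stream names: the result is 3, not an object.
    results["stock_loads"] = pickle.loads(reducing)
    try:
        safe_loads(reducing)
        results["restricted"] = "loaded"
    except pickle.UnpicklingError as exc:
        results["restricted"] = str(exc)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```

For data that crosses a trust boundary, a format with no callable references at all (JSON, for instance) removes the need for the allowlist.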

