python - Do Pickle and Dill have similar levels of risk of containing malicious script?

Question

Dill is obviously a very useful module, and it seems as long as you manage the files carefully it is relatively safe. But I was put off by the statement:

Thus dill is not intended to be secure against erroneously or maliciously constructed data. It is left to the user to decide whether the data they unpickle is from a trustworthy source.

I read in in https://pypi.python.org/pypi/dill. It's left to the user to decide how to manage their files.

If I understand correctly, once it has been pickled by dill, you can not easily find out what the original script will do without some special skill.

MY QUESTION IS: although I don't see a warning, does a similar situation also exist for pickle?

Answer 1

Dill is built on top of pickle, and the warnings apply just as much to pickle as they do to dill.

Pickle uses a stack language to effectively execute arbitrary Python code. An attacker can sneak in instructions to open up a backport to your machine, for example. Don't ever use pickled data from untrusted sources.

The documentation includes an explicit warning:

Warning: The pickle module is not secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source.