From: Barry Warsaw Date: Thu, 15 Nov 2001 23:55:12 +0000 (+0000) Subject: A few minor updates to make it clear(er) that pickle should be used X-Git-Tag: v2.2.1c1~751 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=69b2d75fc7d5f92b6e7c9f7c1aaf50b04becfe38;p=thirdparty%2FPython%2Fcpython.git A few minor updates to make it clear(er) that pickle should be used instead of marshal for object serialization. Fred, please proofread! --- diff --git a/Doc/lib/libmarshal.tex b/Doc/lib/libmarshal.tex index 013e7f831256..74770fcf4b15 100644 --- a/Doc/lib/libmarshal.tex +++ b/Doc/lib/libmarshal.tex @@ -1,5 +1,5 @@ \section{\module{marshal} --- - Alternate Python object serialization} + Internal Python object serialization} \declaremodule{builtin}{marshal} \modulesynopsis{Convert Python objects to streams of bytes and back @@ -23,7 +23,13 @@ This is not a general ``persistence'' module. For general persistence and transfer of Python objects through RPC calls, see the modules \refmodule{pickle} and \refmodule{shelve}. The \module{marshal} module exists mainly to support reading and writing the ``pseudo-compiled'' code for -Python modules of \file{.pyc} files. +Python modules of \file{.pyc} files. Therefore, the Python +maintainers reserve the right to modify the marshal format in backward +incompatible ways should the need arise. If you're serializing and +de-serializing Python objects, use the \module{pickle} module. There +may also be unknown security problems with +\module{marshal}\footnote{As opposed to the known security issues in +the \module{pickle} module!}. \refstmodindex{pickle} \refstmodindex{shelve} \obindex{code}