> The pickle module is not secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source.
(In the 2.6 documentation, the warning was not quite at the top of the module. It moved up for the 2.7 release.)
It doesn't stop a lot of people from using it though. A quick search of Python code on GitHub for 'import pickle' shows almost 800,000 results: https://github.com/search?l=python&q=import+pickle&type=Code... And that's just public repos. Who knows how much it is used in private repos?
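The quoted warning names two conditions, untrusted and unauthenticated. The sketch below is an added example, not code from these comments: it checks an HMAC tag before unpickling and then resolves only allow-listed globals by overriding `find_class`. `KEY`, `ALLOWED_GLOBALS`, `sign_dumps`, `verified_loads`, `RestrictedUnpickler` and `CallsPrint` are hypothetical names, and the key and sample objects are constructed.

```python
import hashlib
import hmac
import io
import pickle
from collections import OrderedDict

# Constructed demo key (assumption); a real one comes from a secret store.
KEY = b"constructed-demo-key"
TAG_LEN = hashlib.sha256().digest_size

# The only (module, name) globals the loader is allowed to resolve.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse every global lookup that is not explicitly allow-listed."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def sign_dumps(obj, key=KEY):
    """Pickle obj and prepend an HMAC-SHA256 tag computed over the pickle."""
    body = pickle.dumps(obj, protocol=4)
    return hmac.new(key, body, hashlib.sha256).digest() + body


def verified_loads(blob, key=KEY):
    """Check the tag first; only then parse, and only with the allow-list."""
    tag, body = blob[:TAG_LEN], blob[TAG_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if len(tag) != TAG_LEN or not hmac.compare_digest(tag, expected):
        raise ValueError("bad or missing HMAC tag; refusing to unpickle")
    return RestrictedUnpickler(io.BytesIO(body)).load()


class CallsPrint:
    """Constructed, benign object: its pickle asks the loader to call print()."""

    def __reduce__(self):
        return (print, ("a callable ran during unpickling",))


if __name__ == "__main__":
    print(verified_loads(sign_dumps(OrderedDict(user="alice", uid=1000))))
    for blob in (pickle.dumps(CallsPrint()), sign_dumps(CallsPrint())):
        try:
            verified_loads(blob)
        except (ValueError, pickle.UnpicklingError) as exc:
            print("rejected:", exc)
```

The tag only proves the bytes came from a key holder; the allow-list is what limits the damage if a key holder signs something it should not have.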