From 0036bcf8d8c7baf3c27c50d9e03e450ff93585db Mon Sep 17 00:00:00 2001 From: Georg Brandl Date: Sun, 17 Oct 2010 10:24:54 +0000 Subject: #9105: move pickle warning to a bit more prominent location. --- Doc/library/pickle.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Doc/library/pickle.rst b/Doc/library/pickle.rst index 66d1472..24006e2 100644 --- a/Doc/library/pickle.rst +++ b/Doc/library/pickle.rst @@ -23,6 +23,12 @@ into an object hierarchy. Pickling (and unpickling) is alternatively known as "serialization", "marshalling," [#]_ or "flattening", however, to avoid confusion, the terms used here are "pickling" and "unpickling".. +.. warning:: + + The :mod:`pickle` module is not intended to be secure against erroneous or + maliciously constructed data. Never unpickle data received from an untrusted + or unauthenticated source. + Relationship to other Python modules ------------------------------------ @@ -63,12 +69,6 @@ The :mod:`pickle` module differs from :mod:`marshal` several significant ways: The :mod:`pickle` serialization format is guaranteed to be backwards compatible across Python releases. -.. warning:: - - The :mod:`pickle` module is not intended to be secure against erroneous or - maliciously constructed data. Never unpickle data received from an untrusted - or unauthenticated source. - Note that serialization is a more primitive notion than persistence; although :mod:`pickle` reads and writes file objects, it does not handle the issue of naming persistent objects, nor the (even more complicated) issue of concurrent -- cgit v0.12