diff options
Diffstat (limited to 'src/apscheduler/serializers/pickle.py')
-rw-r--r-- | src/apscheduler/serializers/pickle.py | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/src/apscheduler/serializers/pickle.py b/src/apscheduler/serializers/pickle.py index 5edf2d0..8c5a022 100644 --- a/src/apscheduler/serializers/pickle.py +++ b/src/apscheduler/serializers/pickle.py @@ -9,6 +9,18 @@ from ..abc import Serializer @attrs.define(kw_only=True, eq=False) class PickleSerializer(Serializer): + """ + Uses the :mod:`pickle` module to (de)serialize objects. + + As this serialization method is native to Python, it is able to serialize a wide + range of types, at the expense of being insecure. Do **not** use this serializer + unless you can fully trust the entire system to not have maliciously injected data. + Such data can be made to call arbitrary functions with arbitrary arguments on + unpickling. + + :param protocol: the pickle protocol number to use + """ + protocol: int = 4 def serialize(self, obj) -> bytes: |