On 22-9-2014 20:28, Chris Angelico wrote: > On Tue, Sep 23, 2014 at 4:23 AM, Irmen de Jong <irmen.nos...@xs4all.nl> wrote: >> This is why Pyro has been using a different (and safe) serializer by default >> for a while >> now. You have to plow through the usual security warnings in the docs and >> make a >> conscious effort in your code to enable the pickle serializer if you really >> want/need it. > > Is the safe serializer affected by byte order? If not, you could just > mark this off as a known bug, and say "if anyone has a big-endian > system to test this on, please help out". It would be another > incentive to use the safe serializer rather than pickle. And it'd save > you a lot of trouble. :)
The safe serializer is this one: https://github.com/irmen/serpent and it is a text based protocol, so no, it is not affected by byte order. It uses Python literal expressions as understood by ast.literal_eval(). Note that the endianness bug in my pickle implementation was fixed by the pull request so it is no longer a known bug. But I still would like to be able to run the test suite on both endianness platforms (or let someone else try it for me :-) ) > > I would have offered one of my systems for the test, except ... > they're all little-endian. I'm all PC-based hardware here (mainly > Linux running on Intel CPUs, though there are some variations). Heh, yes; I used to have a PowerPC G4 mac mini (a big endian platform), but that machine got replaced by an Intel based one (little endian, as all the other computers I have access to). Ah well. Irmen -- https://mail.python.org/mailman/listinfo/python-list
