Added information about pickle security and SocketHandler.

commit: 86aa90539b1fc388b8daca8c014bcda93f00d305 [log] [tgz]
author: Vinay Sajip <vinay_sajip@yahoo.co.uk> Tue Jun 29 15:13:14 2010 +0000
committer: Vinay Sajip <vinay_sajip@yahoo.co.uk> Tue Jun 29 15:13:14 2010 +0000
tree: a089172ceb9a19b9aed2284108ab623220a75ff9
parent: 1c919a64ed805137ae8eae07800b53d7befa161e [diff] [blame]
diff --git a/Doc/library/logging.rst b/Doc/library/logging.rst
index 16b3e72..fbb0935 100644
--- a/Doc/library/logging.rst
+++ b/Doc/library/logging.rst

@@ -2039,6 +2039,11 @@
       Pickles the record's attribute dictionary in binary format with a length
       prefix, and returns it ready for transmission across the socket.
 
+      Note that pickles aren't completely secure. If you are concerned about
+      security, you may want to override this method to implement a more secure
+      mechanism. For example, you can sign pickles using HMAC and then verify
+      them on the receiving end, or alternatively you can disable unpickling of
+      global objects on the receiving end.
 
    .. method:: send(packet)
commit	86aa90539b1fc388b8daca8c014bcda93f00d305	[log] [tgz]
author	Vinay Sajip <vinay_sajip@yahoo.co.uk>	Tue Jun 29 15:13:14 2010 +0000
committer	Vinay Sajip <vinay_sajip@yahoo.co.uk>	Tue Jun 29 15:13:14 2010 +0000
tree	a089172ceb9a19b9aed2284108ab623220a75ff9
parent	1c919a64ed805137ae8eae07800b53d7befa161e [diff] [blame]