[mod_python] Documentation suggestions for section 4.7.1 in the beta mod_python manual

Gregory (Grisha) Trubetskoy grisha at modpython.org
Fri Nov 7 13:37:12 EST 2003

On Fri, 7 Nov 2003, Michael S. Fischer wrote:

> Hi Grisha,
> I have some comments WRT section 4.7.1 in the 3.1.2b mod_python manual.
> First, please explain to us why we need yet another cookie class,

Because it is more efficient and simpler to use within mod_python

> especially one that has the same name as the package that ships with
> Python ("Cookie").

Since it resides inside the mod_python package I don't see how it matters.

> Second, it's really important that you emphasize the security risks of
> using MarshalCookie;  see the Python documentation for SerialCookie to
> see why.

There are no known security risks of useing MarshalCookie. At least none
that I am aware of, and I researched the subject pretty thoroughly.

First - MarshalCookie is a subclass of SignedCookie, so all MarshalCookies
are signed, which makes it impossible to alter the cookie value.

Second, there is a distinction between "marshalling" and "pickling", which
is what SerialCookie uses. The process of unmarshalling does not execute
arbitrary code.

> Also, there are efficient-length considerations; constructing
> cookies representing 100kB data structures would not be "best practice."

Apache will limit any header length to about 4k :-)


More information about the Mod_python mailing list