[$] Insecurity and Python pickles
Serialization is the process of transforming Python objects into a sequence of bytes which can be used to recreate a copy of the object later - or on another machine. pickle is Python's native serialization module. It can store complex Python objects, making it an appealing prospect for moving data without having to write custom serialization code. For example, pickle is an integral component of several file formats used for machine learning. However, using pickle to deserialize untrusted files is a major security risk, because doing so can invoke arbitrary Python functions. Consequently, the machine-learning community is working to address the security issues caused by widespread use of pickle.
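As an added example (not code from the article), the allow-list pattern the Python documentation describes for this risk: subclass `pickle.Unpickler` and override `find_class`, the single point through which every global a pickle names must pass before it is imported and can be called. The `SAFE_GLOBALS` set, `load_or_reject` and the two sample pickles are assumptions constructed for the demonstration.

```python
import io
import pickle
import sys

# Assumption: the only non-builtin types a trusted payload needs are plain
# containers. Anything else the pickle tries to import is refused.
SAFE_GLOBALS = {
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("collections", "OrderedDict"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to import any global not on the allow-list.

    Every GLOBAL / STACK_GLOBAL opcode resolves its target via find_class(),
    so a pickle cannot name a callable for a later REDUCE without coming
    through here. Refusing the import stops the attack before any call.
    """

    def find_class(self, module, name):
        if (module, name) in SAFE_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to import {module}.{name} from untrusted pickle")


def restricted_loads(data: bytes):
    """Deserialize with the allow-list enforced (raises on disallowed globals)."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def load_or_reject(data: bytes):
    """Return (True, value) or (False, reason); never raises on hostile input."""
    try:
        return True, restricted_loads(data)
    except (pickle.UnpicklingError, EOFError, ValueError) as exc:
        return False, str(exc)


# Constructed sample inputs. BENIGN uses only containers and strings.
BENIGN = pickle.dumps({"ids": {1, 2, 3}, "name": "report"})
# A pickle that merely *references* sys.exit: the same import mechanism an
# untrusted pickle relies on to name any function it wants resolved.
HOSTILE = pickle.dumps(sys.exit)

if __name__ == "__main__":
    print(load_or_reject(BENIGN))   # (True, {'ids': {1, 2, 3}, 'name': 'report'})
    print(load_or_reject(HOSTILE))  # (False, 'refusing to import sys.exit ...')
```

Plain `pickle.loads(HOSTILE)` would happily resolve and return `sys.exit`; the restricted loader reports the attempted import instead.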