Warn that load_pickle() etc are for trusted data only

https://docs.python.org/3/library/pickle.html#restricting-globals

Author: Rebecca N. Palmer
Forwarded: https://github.com/statsmodels/statsmodels/pull/6162

Gbp-Pq: Name cache_security.patch

diff --git a/statsmodels/base/model.py b/statsmodels/base/model.py
index 6c457ff353129bb4434d69d7aea0c13b6f817dc1..374e289681f486111637c6a7724c377aee097f78 100644 (file)
--- a/statsmodels/base/model.py
+++ b/statsmodels/base/model.py
@@ -2074,7 +2074,8 @@ class LikelihoodModelResults(Results):
     @classmethod
     def load(cls, fname):
         """
-        load a pickle, (class method)
+        load a pickle, (class method); use only on trusted files,
+        as unpickling can run arbitrary code.
 
         Parameters
         ----------

diff --git a/statsmodels/base/wrapper.py b/statsmodels/base/wrapper.py
index 5d4bb4558abcea6cf2931fb065279c49fb8672d7..3221efd029e029f3c2114aa181d335a2d82f26cb 100644 (file)
--- a/statsmodels/base/wrapper.py
+++ b/statsmodels/base/wrapper.py
@@ -73,6 +73,8 @@ class ResultsWrapper(object):
 
     @classmethod
     def load(cls, fname):
+        """Load a pickled instance; use only on trusted files,
+        as unpickling can run arbitrary code."""
         from statsmodels.iolib.smpickle import load_pickle
         return load_pickle(fname)
 

diff --git a/statsmodels/iolib/smpickle.py b/statsmodels/iolib/smpickle.py
index e784cba3839dbf3bf1c9f3779317d515397f1ef1..1d5d47bc903fa145bde0e58c5726aed8187f4c46 100644 (file)
--- a/statsmodels/iolib/smpickle.py
+++ b/statsmodels/iolib/smpickle.py
@@ -19,7 +19,9 @@ def save_pickle(obj, fname):
 
 def load_pickle(fname):
     """
-    Load a previously saved object from file
+    Load a previously saved object; **use only on trusted files**,
+    as unpickling can run arbitrary code.  (i.e. calling this on a
+    malicious file can wipe or take over your system.)
 
     Parameters
     ----------