
The Grumpy Editor's Python 3 experience


Posted Jul 31, 2018 22:39 UTC (Tue) by jake (editor, #205)
In reply to: The Grumpy Editor's Python 3 experience by k8to
Parent article: The Grumpy Editor's Python 3 experience

> It sounds like you were transmitting pickles over the network, potentially in an insecure fashion.

No, our pickles are stored in the database, not taken from (or sent to) the network.

The email module woes were unrelated, mostly concerning ingesting emails to turn them into "articles".

jake



The Grumpy Editor's Python 3 experience

Posted Aug 1, 2018 3:10 UTC (Wed) by k8to (guest, #15413)

Thumbs up!

The Grumpy Editor's Python 3 experience

Posted Aug 1, 2018 6:50 UTC (Wed) by Darkmere (subscriber, #53695)

Databases are to be considered untrusted sources of data; one should always perform data validation on it.

The data in a database was put there by someone who doesn't have the same bugs and validation patterns as you do today, thus you know from the beginning that it's not validated properly.

The dev in the past is always to be considered both untrustworthy and malicious on the level of incompetent. Just look at how much extra work they've caused you by not doing things that you now know are right and good. Clearly you can't trust that dev.

This is something that's likely to continue. No one has caused me so much work as past me.
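
An added example, not part of this thread and not LWN's own code: one way to treat pickles read back from a database as untrusted input, using an allow-listing `pickle.Unpickler` followed by a shape check. The table layout, the `title` field, and the allow-list contents are assumptions made for the illustration.

```python
import collections
import io
import pickle
import sqlite3

# Assumption: stored articles are plain dicts of built-in types only.
ALLOWED_GLOBALS = {("builtins", "set")}


class AllowListUnpickler(pickle.Unpickler):
    """Unpickler that refuses to resolve any global not on the allow-list."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"blocked global {module}.{name}")


def load_row(blob):
    """Deserialize one database blob, then validate the resulting structure."""
    obj = AllowListUnpickler(io.BytesIO(blob)).load()
    if not isinstance(obj, dict) or not isinstance(obj.get("title"), str):
        raise ValueError("unexpected structure in stored pickle")
    return obj


def demo():
    """Load three constructed rows and report which ones pass validation."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE articles (id INTEGER PRIMARY KEY, data BLOB)")
    rows = [
        pickle.dumps({"title": "constructed article", "tags": {"python"}}),
        # Written by "past you": needs a global that is not on the allow-list.
        pickle.dumps(collections.OrderedDict(title="old format")),
        # Deserializes cleanly but is not the shape today's code expects.
        pickle.dumps(["not", "a", "dict"]),
    ]
    db.executemany("INSERT INTO articles (data) VALUES (?)", [(r,) for r in rows])
    results = []
    for row_id, blob in db.execute("SELECT id, data FROM articles ORDER BY id"):
        try:
            results.append((row_id, "ok", load_row(blob)["title"]))
        except (pickle.UnpicklingError, ValueError) as exc:
            results.append((row_id, "rejected", type(exc).__name__))
    return results


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The allow-list only limits which callables a pickle may reference; the structure check afterwards is what catches rows written under older validation rules.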


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds