from Hacker News

How Pickle Files Backdoor AI Models

by jchandra on 3/15/25, 4:57 PM with 6 comments

  • by compressedgas on 3/15/25, 11:30 PM

    Pickle can be made safe. Just limit what the unpickler can call to a fixed list based on what is expected and permitted for the pickle to use.
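The allowlisted unpickler the comment above describes, as an added example (not code from the thread or from the linked article). It overrides `find_class`, the one hook every `GLOBAL`/`STACK_GLOBAL` opcode passes through, and resolves only a fixed set of (module, name) pairs; the `ALLOWED_GLOBALS` list and the `EvilPayload` class are constructed for illustration, and a real model loader would name exactly the classes its checkpoints are expected to contain.

```python
import io
import os
import pickle
import collections

# Fully qualified (module, name) pairs the unpickler may resolve. Nothing else,
# including builtins such as getattr or eval, can be looked up. Hypothetical
# allowlist for this example; a real loader names the classes it expects.
ALLOWED_GLOBALS = frozenset({
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("collections", "OrderedDict"),
})


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only allowlisted globals."""

    def find_class(self, module, name):
        # find_class is called for every GLOBAL/STACK_GLOBAL opcode, so refusing
        # here prevents the later REDUCE opcode from ever obtaining a callable.
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"global {module}.{name} is not on the allowlist")


def restricted_loads(data: bytes):
    """Deserialize data while refusing any global outside ALLOWED_GLOBALS."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


class EvilPayload:
    """Constructed stand-in for a backdoored checkpoint: the stock
    pickle.loads would call os.system("echo pwned") while loading it."""

    def __reduce__(self):
        return (os.system, ("echo pwned",))


def build_samples():
    """Return (benign_pickle, malicious_pickle), both constructed inline."""
    benign = pickle.dumps(
        collections.OrderedDict([("weights", [0.1, 0.2]), ("bias", 0.0)]))
    malicious = pickle.dumps(EvilPayload())
    return benign, malicious


def is_accepted(data: bytes) -> bool:
    """True if the restricted loader accepts data, False if it rejects it."""
    try:
        restricted_loads(data)
        return True
    except pickle.UnpicklingError:
        return False


if __name__ == "__main__":
    benign, malicious = build_samples()
    print("benign accepted:", is_accepted(benign))        # True
    print("malicious accepted:", is_accepted(malicious))  # False, no command runs
```

The malicious sample is rejected at the global lookup, before any `REDUCE` step executes, so the command is never run. The allowlist itself has to be chosen with care: every entry is a callable the attacker gets to invoke with arguments of their choosing, so only constructors that are harmless under arbitrary input belong on it.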
  • by vivahir215 on 3/15/25, 5:01 PM

    Nice read!

    You could also use the joblib format.