On Mon, Mar 17, 2014 at 1:01 PM, IWAMOTO Toshihiro <iwamoto at valinux.co.jp>wrote: > > I've added a couple of security-related comments (pickle decoding and > token leak) on the etherpad. > Please check. > Hello. Thanks for your input. - We can avoid pickle using xmlrpclib. - Token won't leak because we have direct pipe to parent process. I'm in process of implementing it now so thanks for early notice. -- Kind regards, Yuriy. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140318/a360297c/attachment.html>