There's more than just encryption being used. All cookies are signed with an HMAC and no work is done with the data unless the HMAC is valid. The only way for a person to sign cookies such that they'll be loaded requires them to know your servers' secret key, which implies they already have access to your machine.
Hello and thank you for developing Beaker.
The pickle.loads() [1] method is used on data generated by crypto.aesDecrypt() that can parse a user-submitted cookie. Pickle is considered insecure to execute on untrusted data [2], [3].
An attacker that is able to craft a valid encrypted cookie (e.g. by having obtained a leaked copy of encrypt_key or using a vulnerability in aesDecrypt) should have a limited impact, i.e. mangling session data. Pickle might allow such an attacker to execute arbitrary code instead.
A solution could be to use json.loads() and json.dumps() instead of pickle.
[1] https://github.com/bbangert/beaker/blob/master/beaker/session.py#L283
[2] "The pickle module is not intended to be secure against erroneous or maliciously constructed data. Never unpickle data received from an untrusted or unauthenticated source."
[3] http://docs.python.org/library/pickle.html
Thank you!
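The change proposed in this issue, as an added example that is not Beaker's own code: the cookie keeps the sign-then-verify structure the maintainer describes (an HMAC checked in constant time before any parsing happens), but the payload is JSON rather than pickle, so a forged or tampered cookie is rejected at verification and, even if the key ever leaked, the worst a parser sees is data, not executable objects. The function names, the tag/payload layout and the key are assumptions for the example.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Hypothetical layout: 64 hex chars of HMAC-SHA256 tag, then urlsafe-base64 JSON.
TAG_LEN = 64


def sign_session(data: dict, secret: bytes) -> str:
    """Serialize session data as JSON (not pickle) and append an HMAC tag."""
    payload = json.dumps(data, separators=(",", ":"), sort_keys=True).encode()
    tag = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    return tag + base64.urlsafe_b64encode(payload).decode()


def load_session(cookie: str, secret: bytes) -> Optional[dict]:
    """Verify the HMAC first; only then parse. Return None on any failure."""
    if len(cookie) < TAG_LEN:
        return None
    tag, encoded = cookie[:TAG_LEN], cookie[TAG_LEN:]
    try:
        payload = base64.urlsafe_b64decode(encoded.encode())
    except ValueError:  # binascii.Error is a ValueError subclass
        return None
    expected = hmac.new(secret, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(tag, expected):
        return None  # forged, tampered, or signed with a different key
    try:
        data = json.loads(payload)  # JSON yields plain values only
    except ValueError:
        return None
    return data if isinstance(data, dict) else None


def demo() -> dict:
    """Constructed check: round trip, wrong key, and a swapped payload."""
    key = b"constructed-demo-key"
    cookie = sign_session({"user": "alice", "admin": False}, key)
    forged_payload = json.dumps({"user": "alice", "admin": True}).encode()
    forged = cookie[:TAG_LEN] + base64.urlsafe_b64encode(forged_payload).decode()
    return {
        "roundtrip": load_session(cookie, key),
        "wrong_key": load_session(cookie, b"some-other-key"),
        "forged": load_session(forged, key),
    }
```
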