From 86aa90539b1fc388b8daca8c014bcda93f00d305 Mon Sep 17 00:00:00 2001 From: Vinay Sajip Date: Tue, 29 Jun 2010 15:13:14 +0000 Subject: [PATCH] Added information about pickle security and SocketHandler. --- Doc/library/logging.rst | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/Doc/library/logging.rst b/Doc/library/logging.rst index 16b3e7280e..fbb0935680 100644 --- a/Doc/library/logging.rst +++ b/Doc/library/logging.rst @@ -2039,6 +2039,11 @@ sends logging output to a network socket. The base class uses a TCP socket. Pickles the record's attribute dictionary in binary format with a length prefix, and returns it ready for transmission across the socket. + Note that pickles aren't completely secure. If you are concerned about + security, you may want to override this method to implement a more secure + mechanism. For example, you can sign pickles using HMAC and then verify + them on the receiving end, or alternatively you can disable unpickling of + global objects on the receiving end. .. method:: send(packet) -- 2.50.1
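Review bot: The first added sentence, "Note that pickles aren't completely secure", is too vague to act on and does not say which side is at risk. The danger is on the receiving end: unpickling data from an untrusted or unauthenticated peer can execute arbitrary code in the receiving process. Suggest stating that directly, and marking the paragraph with a ``.. warning::`` directive so it stands out from the method description. The advice to "override this method" also covers only the sending side. It is worth saying that the receiver must be changed to match, and that an HMAC has to be verified before the payload is unpickled, since verifying afterwards gives no protection. A cross-reference to the security notes in the pickle module documentation would give readers the detail behind "disable unpickling of global objects".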