Pickle-safe loading of user google-drive files

Hi guys!

My Streamlit app is working! Very pleased with the API. I made it for my own personal use, but I’m thinking of releasing it to the public for no reason (will require me to publish it via Google because it’s a Google API app). My question is about the pickle warning in Security reminders - Streamlit Docs.

My app opens and rearranges .txt files in a project folder on the user’s own Google Drive, and it makes heavy use of session_state for file contents (I know someone’s gonna tell me to use cache instead, but it’s not right for my use-case!). I’m thinking, in theory, a person might manufacture a pickle-injecting .txt file on their own Google Drive, and then load that in the app. I don’t know what the limits of pickle code injection are; I assume the worst things that can happen are attacks on Streamlit or an attempt to expose my API secrets (`Credentials.from_authorized_user_info(st.session_state["credentials"])`).

Are my concerns here legitimate? And if so, what is the potential impact of simply setting runner.enforceSerializableSessionState = False?

Thanks!

OK guys, I did some more research into this. It looks like the pickling issue here only matters if I put the whole file into session_state or cache, not if I put the file’s metadata into the session_state (e.g. the text contents of the .txt file).

So, as long as my understanding is correct here, my app is pickle-safe because it doesn’t put files into session_state. So nobody will be injecting their pickles into my session without my knowing.

With that, I’ll plan the release after some more testing! Thanks for the tools, Streamlit!

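An added example (not code from the original poster and not Streamlit's own code) that shows the distinction the second post relies on. It builds a constructed "text file" whose bytes are actually a pickle payload, then shows three things: (1) pickle never interprets characters that are merely *stored* in a str inside a pickled container, so putting a file's text into state and round-tripping it through pickle runs nothing; (2) `pickle.loads` on the untrusted bytes themselves does run the payload (the case the Streamlit warning is about); (3) two checks a practitioner would want, a `referenced_globals` scan that lists what a pickle would import before loading it, and an allow-list `RestrictedUnpickler`. The names `Evil`, `PAYLOAD_FLAG`, `RestrictedUnpickler`, `store_as_text`, `safe_load`, `unsafe_load` are illustrative assumptions, and the payload sets a flag on the `builtins` module instead of calling `os.system`.

```python
import builtins
import io
import pickle
import pickletools

# Added example, not from the post or from Streamlit. Names and the sample
# "file" below are constructed for illustration; the payload is harmless.

PAYLOAD_FLAG = "PICKLE_PAYLOAD_RAN"  # set on builtins if the payload executes


class Evil:
    """Object whose pickle, on load, calls builtins.exec (real payloads use os.system)."""

    def __reduce__(self):
        code = f"import builtins; builtins.{PAYLOAD_FLAG} = 'touch /tmp/pwned'"
        return (exec, (code,))


def payload_ran() -> bool:
    return hasattr(builtins, PAYLOAD_FLAG)


def clear_payload_flag() -> None:
    if hasattr(builtins, PAYLOAD_FLAG):
        delattr(builtins, PAYLOAD_FLAG)


def attacker_file_bytes() -> bytes:
    """Constructed contents of a '.txt' file an attacker controls: a pickle payload."""
    return pickle.dumps(Evil())


def referenced_globals(blob: bytes):
    """List (module, name) pairs a pickle would import on load, without loading it.

    Handles the legacy GLOBAL opcode and the protocol-4 STACK_GLOBAL opcode,
    whose two operands are the most recent string opcodes.
    """
    found, strings = [], []
    for op, arg, _pos in pickletools.genops(blob):
        if op.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
                       "STRING", "SHORT_BINSTRING", "BINSTRING"):
            strings.append(arg)
        elif op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL":
            found.append((strings[-2], strings[-1]))
    return found


def serialized_text_state(file_bytes: bytes) -> bytes:
    """Model of the post's design: state holds the file's *text* (a str), then gets pickled."""
    state = {"contents": file_bytes.decode("latin-1")}
    return pickle.dumps(state)


def store_as_text(file_bytes: bytes) -> dict:
    """Round-trip the text-holding state through pickle; the str is data, not opcodes."""
    return pickle.loads(serialized_text_state(file_bytes))


def unsafe_load(blob: bytes):
    """What the Streamlit warning is about: unpickling bytes you do not trust."""
    return pickle.loads(blob)


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that resolves only an explicit allow-list of globals."""

    ALLOWED = {("builtins", "set"), ("builtins", "frozenset"),
               ("collections", "OrderedDict")}

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def safe_load(blob: bytes):
    """Unpickle with the allow-list; the payload is refused before exec is ever resolved."""
    return RestrictedUnpickler(io.BytesIO(blob)).load()


if __name__ == "__main__":
    blob = attacker_file_bytes()
    print("payload would import:", referenced_globals(blob))
    print("text state would import:", referenced_globals(serialized_text_state(blob)))
    store_as_text(blob)
    print("after storing as text, payload ran:", payload_ran())
    try:
        safe_load(blob)
    except pickle.UnpicklingError as err:
        print("safe_load refused:", err)
    unsafe_load(blob)
    print("after pickle.loads on the raw bytes, payload ran:", payload_ran())
```

The scan in `referenced_globals` is a quick triage tool, not a substitute for never unpickling attacker-controlled bytes: an allow-listing unpickler is the stronger control, and the text-only design in the post avoids the problem entirely because a str round-trips through pickle as a string literal.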