
A tool to load machine/deep learning models with security

Project description

A tool to load machine/deep learning models with security.

Many machine/deep learning libraries (PyTorch, scikit-learn and so on) save trained models with Python's pickle, and pickle is well known for executing arbitrary code when objects are loaded from untrusted sources: a pickle stream can name any importable callable and have it invoked, with attacker-chosen arguments, as a side effect of loading.

This library provides a secure tool to load pickled models by overriding the find_class method of the standard Python Unpickler class and checking every requested global against a whitelist of allowed (module, name) pairs. Only globals in the whitelist may appear in a loaded model object; the loading process is interrupted as soon as an untrusted global name is encountered, before the pickle can call it, to prevent any potential exploit. Note that a whitelisted global is still called with whatever arguments the file supplies, so the list must contain only classes and constructors that are harmless for any input.

This library also provides utilities to quickly update the global whitelist when the corresponding machine learning libraries are updated and their saved models start referencing new classes.
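The two mechanisms described above, a find_class override that refuses unlisted globals and a way to find out which globals a freshly saved model needs before extending the whitelist, as one added example. This is illustrative code written for this page, not the model-unpickler package's own implementation or API; it uses only the standard library. The allowlist, the OrderedDict "model", and the malicious pickle are constructed for the demonstration, and the static scan assumes pickles produced by the standard Pickler (which is what ML libraries emit).

```python
"""Allowlisted unpickling plus a static scan of the globals a pickle asks for."""
import io
import os
import pickle
import pickletools
from collections import OrderedDict

# Constructed allowlist of (module, name) pairs a model file may reference.
# A real list for PyTorch or scikit-learn is far longer; this one is a stand-in.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
    ("builtins", "frozenset"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Resolve only allowlisted globals.

    find_class runs for every GLOBAL / STACK_GLOBAL opcode, before the
    REDUCE / NEWOBJ / BUILD opcode that would call the resolved object, so an
    unlisted callable is never invoked. Listed entries still get called with
    arguments taken from the file, which is why the list must hold only
    constructors that are harmless for any input.
    """

    def find_class(self, module, name):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"global {module}.{name} is not in the allowlist; loading aborted")


def restricted_loads(data: bytes):
    return RestrictedUnpickler(io.BytesIO(data)).load()


def try_load(data: bytes):
    """Return (True, obj) on success or (False, reason) when a global is refused."""
    try:
        return True, restricted_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


_STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"}


def referenced_globals(data: bytes) -> set:
    """List the (module, name) pairs a pickle would pass to find_class.

    Walks the opcode stream with pickletools.genops, so nothing in the pickle
    executes. GLOBAL (protocols 0-3) carries both names in its argument;
    STACK_GLOBAL (protocol 4+) takes them from the two strings below it on the
    stack, which the standard Pickler pushes directly or fetches from the memo,
    so a string-only memo is tracked here (assumption: standard Pickler output).
    """
    found, strings, memo, last, next_memo = set(), [], {}, None, 0
    for op, arg, _pos in pickletools.genops(data):
        if op.name in _STRING_OPS:
            strings.append(arg)
            last = arg
        elif op.name == "MEMOIZE":               # memo[len(memo)] = top of stack
            memo[next_memo] = last
            next_memo += 1
        elif op.name in ("BINPUT", "LONG_BINPUT", "PUT"):
            memo[arg] = last
        elif op.name in ("BINGET", "LONG_BINGET", "GET"):
            last = memo.get(arg)
            if isinstance(last, str):
                strings.append(last)
        elif op.name == "GLOBAL":
            module, name = arg.split(" ", 1)      # genops renders "module name"
            found.add((module, name))
            last = None
        elif op.name == "STACK_GLOBAL":
            if len(strings) < 2:
                raise ValueError("STACK_GLOBAL without two preceding strings")
            name, module = strings.pop(), strings.pop()
            found.add((module, name))
            last = None
        else:
            last = None
    return found


def unlisted_globals(data: bytes) -> set:
    """Globals the pickle needs that the current allowlist lacks: the set to
    review when a new library version starts saving new classes."""
    return referenced_globals(data) - ALLOWED_GLOBALS


class _Evil:
    """Constructed sample: its pickle form calls os.system when loaded."""

    def __reduce__(self):
        return (os.system, ("echo pwned",))


def benign_model_bytes(protocol: int = 4) -> bytes:
    """Constructed stand-in for a saved model: an OrderedDict of weights."""
    return pickle.dumps(OrderedDict([("w", [0.5, -1.25]), ("b", 0.1)]), protocol)


def malicious_model_bytes(protocol: int = 4) -> bytes:
    return pickle.dumps(_Evil(), protocol)


if __name__ == "__main__":
    for blob in (benign_model_bytes(), malicious_model_bytes()):
        print(sorted(referenced_globals(blob)), try_load(blob))
```

Running the block prints the globals each stream references and the load outcome: the OrderedDict model loads, while the malicious stream is refused at find_class (the reported module is `posix` on Linux, `nt` on Windows, since that is where `os.system` is defined) and `echo pwned` never runs. To grow the allowlist after a library upgrade, save a model with the new version, pass the bytes to `unlisted_globals`, and review each reported pair before adding it.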

Project details


Release history

This version

0.1

Download files


Source Distribution

model-unpickler-0.1.tar.gz (17.2 kB)

Built Distribution

model_unpickler-0.1-py3-none-any.whl (16.9 kB)

File details

Details for the file model-unpickler-0.1.tar.gz.

File metadata

  • Download URL: model-unpickler-0.1.tar.gz
  • Upload date:
  • Size: 17.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.7.1 importlib_metadata/3.10.0 pkginfo/1.8.2 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.7.11

File hashes

Hashes for model-unpickler-0.1.tar.gz
Algorithm Hash digest
SHA256 ce9c25275386f2d582f0f4801f7c4e4d6135ac849e2373abad4f62b0955c77a2
MD5 0ab49748b9754d9c84b764475f604f41
BLAKE2b-256 adc4261c3bedf98fb4576922614a57870c526b24084f51a49f137ab98ee10a7c


File details

Details for the file model_unpickler-0.1-py3-none-any.whl.

File metadata

  • Download URL: model_unpickler-0.1-py3-none-any.whl
  • Upload date:
  • Size: 16.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.7.1 importlib_metadata/3.10.0 pkginfo/1.8.2 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.60.0 CPython/3.7.11

File hashes

Hashes for model_unpickler-0.1-py3-none-any.whl
Algorithm Hash digest
SHA256 510f414a63219b6b0582434afc1247280850eb8e3ab0da4d9eb2ff0ad2c75559
MD5 dc90ee86ec7a97bf0950f703f910ad6a
BLAKE2b-256 e1961cf9f73c5cce4b0ac5afb2df543c92f193f7cd09dffa4b9334b5ea6c808c
