**Pickle is not secure, only use with trusted data.**

**pickle protocols**
- The data format used by pickle is Python-specific. Non-Python programs may not be able to reconstruct pickled Python objects
- 6 protocols, higher protocol = more recent the version of Python
- binaries can be further compressed


https://docs.python.org/3/library/pickle.html#pickle-protocols

**Persistent objects** 
- objects that can be stored and retrieved from a storage medium (such as a file or a database) while retaining their state and behavior
- `__get_state__`, `__set_state__` methods in `pickle` package

`__reduce__()`
- handle properties that don't serialize well
- method that runs upon deserialization
- potentially malicious

Src
- https://docs.python.org/3/library/pickle.html#object.\_\_reduce\_\_
- https://stackoverflow.com/questions/19855156/whats-the-exact-usage-of-reduce-in-pickler

In [8]:
import pickle
import tempfile

class Test:
    def __init__(self, file_path):
        # Used later in __reduce__
        self._file_name_we_opened = file_path
        # An open file in write mode
        self.some_file_i_have_opened = open(self._file_name_we_opened, 'wb')
    def __reduce__(self):
        # we return a tuple of class_name to call,
        # and optional parameters to pass when re-creating
        return (self.__class__, (self._file_name_we_opened, ))


with tempfile.TemporaryDirectory() as tmpdirname:
    fname = tmpdirname + "/test1234567890.txt"
    my_test = Test(fname)
    saved_object = pickle.dumps(my_test)
    # Just print the representation of the string of the object,
    # because it contains newlines.
    print(repr(saved_object))
    
    # vars = dict containing object's mutable attributes
    print(vars(pickle.loads(saved_object)))

b'\x80\x04\x95k\x00\x00\x00\x00\x00\x00\x00\x8c\x08__main__\x94\x8c\x04Test\x94\x93\x94\x8cO/var/folders/rw/0ngmxz7n6hl0tb17f2b4fb780000gr/T/tmps4b6cm1l/test1234567890.txt\x94\x85\x94R\x94.'
{'_file_name_we_opened': '/var/folders/rw/0ngmxz7n6hl0tb17f2b4fb780000gr/T/tmps4b6cm1l/test1234567890.txt', 'some_file_i_have_opened': <_io.BufferedWriter name='/var/folders/rw/0ngmxz7n6hl0tb17f2b4fb780000gr/T/tmps4b6cm1l/test1234567890.txt'>}
