The python module pickle is very insecure. We use a white list and it mitigate the danger but it's not impossible and very hard to know if we have a security issue. Object can leak a functionality enough powerful to create a attack.

IMHO, we should remove pickle and use a other system to save data. Less head scratch.