amelius 2 hours ago
> loading them with torch.load() can lead to RCE (remote command execution)

Why didn't the Torch team fix this?
embedding-shape 2 hours ago
OP misunderstands; the issue is specifically with the pickle format, and similar ones, as they're essentially code that needs to be executed, not just data to be loaded. Most of the ecosystem has already moved to using the .safetensor format, which is just data and doesn't suffer from that issue.
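To make the "code versus data" distinction concrete, here is an added example (not code from the thread, PyTorch, or the safetensors project). It shows a pickle payload whose `__reduce__` hook runs a function of the author's choosing the moment it is unpickled, a restricted unpickler that refuses any global not on an allowlist, and a minimal writer/reader for the published safetensors layout (8-byte little-endian header length, JSON header, raw tensor bytes) that only ever parses bytes and never resolves a callable. `_mark`, `EXECUTED`, `PayloadTensor` and the tiny reader are constructed for illustration; the real `torch.load` and `safetensors` libraries do considerably more.

```python
import io
import json
import pickle
import struct

# Constructed side channel so we can observe that code ran during unpickling
# without touching the filesystem. A real payload would call os.system instead.
EXECUTED = []


def _mark(what):
    EXECUTED.append(what)
    return what


class PayloadTensor:
    """Any object with __reduce__ tells pickle "to rebuild me, call this
    callable with these args". The callable is invoked by the loader."""

    def __reduce__(self):
        return (_mark, ("ran-on-load",))


def build_pickle_payload() -> bytes:
    # Looks like an innocent checkpoint dict to anyone who inspects the keys.
    return pickle.dumps({"weights": PayloadTensor()})


def naive_load(blob: bytes):
    # Plain pickle.loads, i.e. what an unrestricted torch.load amounts to.
    EXECUTED.clear()
    pickle.loads(blob)
    return list(EXECUTED)


class RestrictedUnpickler(pickle.Unpickler):
    # Allowlist of globals a loader is willing to resolve. A dict of raw data
    # needs none, so the list is empty here; extend deliberately if required.
    ALLOWED = set()

    def find_class(self, module, name):
        if (module, name) in self.ALLOWED:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"forbidden global {module}.{name}")


def restricted_load(blob: bytes):
    EXECUTED.clear()
    try:
        RestrictedUnpickler(io.BytesIO(blob)).load()
        return ("loaded", list(EXECUTED))
    except pickle.UnpicklingError:
        return ("blocked", list(EXECUTED))


# Minimal safetensors-style container: nothing in here can name a function.
ITEMSIZE = {"F32": 4, "F16": 2, "BF16": 2, "I64": 8, "I8": 1, "U8": 1}


def write_safetensors(tensors: dict) -> bytes:
    """tensors: name -> (dtype, shape, raw little-endian bytes)."""
    header, buf = {}, bytearray()
    for name, (dtype, shape, raw) in tensors.items():
        start = len(buf)
        buf += raw
        header[name] = {"dtype": dtype, "shape": shape, "data_offsets": [start, len(buf)]}
    hjson = json.dumps(header).encode()
    return struct.pack("<Q", len(hjson)) + hjson + bytes(buf)


def read_safetensors(blob: bytes) -> dict:
    """Parse header and slice bytes; every value is validated, none is executed."""
    if len(blob) < 8:
        raise ValueError("truncated header length")
    (n,) = struct.unpack("<Q", blob[:8])
    if n > len(blob) - 8:
        raise ValueError("header length exceeds file")
    header = json.loads(blob[8:8 + n])
    data = blob[8 + n:]
    out = {}
    for name, meta in header.items():
        if name == "__metadata__":
            continue
        dtype, shape = meta["dtype"], meta["shape"]
        s, e = meta["data_offsets"]
        if dtype not in ITEMSIZE or not (0 <= s <= e <= len(data)):
            raise ValueError(f"bad dtype or offsets for {name}")
        count = 1
        for d in shape:
            count *= d
        if e - s != count * ITEMSIZE[dtype]:
            raise ValueError(f"size mismatch for {name}")
        out[name] = (dtype, shape, data[s:e])
    return out
```

The safetensors reader rejects offsets outside the buffer and sizes that disagree with the declared shape, which is the kind of check a data-only format still needs; what it cannot do, by construction, is run anything, because the header has no way to reference a Python object.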