From 562dd99418ec78c169b751e55d6d5a0fec8ceaf6 Mon Sep 17 00:00:00 2001
From: Simon Charette <charette.s@gmail.com>
Date: Wed, 1 Oct 2025 13:00:34 -0400
Subject: [PATCH] Clearly document that this package should never be used to
 store unsanitized user input.

---
 README.rst | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/README.rst b/README.rst
index 74bb3f5..af43f9a 100644
--- a/README.rst
+++ b/README.rst
@@ -63,6 +63,22 @@ and assign whatever you like (as long as it's picklable) to the field:
     >>> obj.args = ['fancy', {'objects': 'inside'}]
     >>> obj.save()
 
+.. warning::
+
+  As the name of this package implies ``django-picklefield`` relies on the
+  stdlib `pickle`_ module to serialize its data. Concretely this means that
+  **this package should not be used to store user controllable data under any
+  circumstances at the risk of exposing your application to arbitrary code
+  execution**.
+
+  In order to prevent potentially dangerous usage of ``PickledObjectField``
+  field it is explicitly marked as ``editable=False`` which will prevent its
+  declarative usage in forms and consequently the admin but be aware that
+  assigning unsanitized user provided strings directly to a ``PickledObjectField``
+  exposes your to arbitrary code execution the same way piping malicious
+  strings into ``pickle.loads`` does.
+
+.. _pickle: https://docs.python.org/3/library/pickle.html#module-pickle
 
 -----
 Notes