Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Better model security with new PyTorch version #3521

Closed
mayankjobanputra opened this issue Nov 4, 2022 · 4 comments · Fixed by #3901
Closed

Better model security with new PyTorch version #3521

mayankjobanputra opened this issue Nov 4, 2022 · 4 comments · Fixed by #3901
Assignees
@mayankjobanputra
Labels
epic:in-progress Epic is in progress topic:modeling type:feature New feature or request

Comments

@mayankjobanputra
Copy link
Collaborator

When loading PyTorch models from the modelhub, arbitrary code can be executed. See here.

Seems like PyTorch already solved this:

Test
Test haystack tests with new flags

Solution:

  • Bump up PyTorch version to 1.13

Behaviour

  • Secure by default TORCH_FORCE_WEIGHTS_ONLY_LOAD always set to true when Haystack loads any models
@mayankjobanputra mayankjobanputra self-assigned this Nov 4, 2022
@mayankjobanputra mayankjobanputra mentioned this issue Nov 4, 2022
Closed
6 tasks
@mayankjobanputra
Copy link
Collaborator Author

Something that I have been struggling for a couple of days: python-poetry/poetry#6409

@LLukas22
Copy link

LLukas22 commented Dec 5, 2022

@mayankjobanputra I also tried to get this working. This seams to be a bug on pytorchs side as mentioned in pytorch/pytorch#89924. It will probably get fixes in the 1.13.1 release which will be released in few days. I'll take another look when they fixed the marker problem in pytorch.

@mayankjobanputra
Copy link
Collaborator Author

@LLukas22 thanks a lot :)

I am also tracking this PyTorch issue and looking forward to upgrading PyTorch version in Haystack!

@julian-risch julian-risch mentioned this issue Dec 8, 2022
Closed
6 tasks
@julian-risch julian-risch mentioned this issue Dec 16, 2022
Merged
6 tasks
@mayankjobanputra
Copy link
Collaborator Author

pytorch/pytorch#52181 (comment)

Discussion is still going on about enabling TORCH_FORCE_WEIGHTS_ONLY_LOAD by default.

@mayankjobanputra mayankjobanputra mentioned this issue Jan 21, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@mayankjobanputra mayankjobanputra

Labels
epic:in-progress Epic is in progress topic:modeling type:feature New feature or request
Projects
None yet
Milestone
No milestone
2 participants
@mayankjobanputra @LLukas22