
There is a way to harden pickle to protect it against the most basic exploits: http://docs.python.org/py3k/library/pickle.html#restricting-...

It is not a complete solution, as an attacker could still DoS your service by making pickle allocate a huge amount of memory, but at least that's better than allowing arbitrary code execution.
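
The hardening the comment above refers to is done by overriding `Unpickler.find_class` so that only allow-listed globals can be resolved. The following is an added example, not part of the original comment; the allow-list contents, the helper names `restricted_loads` and `is_rejected`, and the sample inputs are assumptions constructed for illustration.

```python
import io
import pickle

# Assumed policy: the only (module, name) globals a pickle may reference.
ALLOWED_GLOBALS = {
    ("builtins", "range"),
    ("builtins", "complex"),
    ("builtins", "set"),
    ("builtins", "frozenset"),
    ("builtins", "slice"),
}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses every global not on the allow-list."""

    def find_class(self, module, name):
        # Called for each GLOBAL / STACK_GLOBAL opcode, i.e. whenever the
        # pickle stream asks to import a class or callable by name.
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"global '{module}.{name}' is forbidden")


def restricted_loads(data: bytes):
    """Drop-in replacement for pickle.loads() using the allow-list."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def is_rejected(data: bytes) -> bool:
    """True if the restricted unpickler refuses the stream."""
    try:
        restricted_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


# Constructed sample inputs.
SAMPLE_PLAIN = pickle.dumps([1, "a", {"k": 2.5}])  # no globals referenced
SAMPLE_RANGE = pickle.dumps(range(3))              # references builtins.range
SAMPLE_CALLABLE = pickle.dumps(len)                # references builtins.len

if __name__ == "__main__":
    print(restricted_loads(SAMPLE_PLAIN))
    print(restricted_loads(SAMPLE_RANGE))
    print("callable rejected:", is_rejected(SAMPLE_CALLABLE))
```

The allow-list only controls which names can be imported during unpickling; it places no bound on how much memory a stream makes the unpickler allocate.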


