If your object classes have a STORABLE_thaw method, that method will be called as a constructor to rebuild the object. There is probably potential mischief there. I can't imagine a scenario where the data structure also gets to define the method code as well, but it's still early in the morning for me. {grin}

Also, I recall getting Storable to segfault if the frozen data structure was corrupted, so that could be used as a stack smashing attack. Alas, it was a long time ago, so I do not recall the details.