Steven Majewski wrote:
...
Your right. I'm confusing PEP 215 with the discussion on PEP 215, where that feature was requested.
However, if you allow array and member access as well, which Paul suggests, then you open the security problem back up unless you do some code analysis (as he also suggests) to make sure that [index] or .member doesn't perform a hidden function call ( A virus infected __getitem__ for example. )
If you have a virus-infected __getitem__ you are screwed regardless. We can't defend against that. The whole point is that we are never evaluating code provided by the user. "Safe" programmer-supplied literal strings are differentated at compile time from arbitrary strings. The interpolation engine only works on safe strings. Calling an overriden __getitem__ or .member is as safe as if they had done it in the way they would today: "%s" % foo.bar() Think of it as pure, compile-time syntactic sugar. If you want it to act like eval, I guess you would do this: $"$(eval('....'))...." which would compile to: "%s" % eval('....') Paul Prescod