On Tue, Nov 7, 2017 at 2:29 AM, אלעזר firstname.lastname@example.org wrote:
The dangers of eval and exec are obvious and well known to advanced users, but the availability as built-in functions makes it too tempting for beginners or even medium-level programmers.
I find it dubious to claim that these functions are dangerous to beginners. The dangers are related to attacks on servers that are exposed to the internet and beginners have no business running servers. Once you start exposing your code to attackers there are a lot of other things you have to worry about, and exec/eval are at least easily found using grep, unlike some other unsafe patterns.