[Python-ideas] Any chance on (slowly) deprecating `eval` and `exec` as builtins?
Guido van Rossum
guido at python.org
Tue Nov 7 16:53:00 EST 2017
On Tue, Nov 7, 2017 at 2:29 AM, אלעזר <elazarg at gmail.com> wrote:
> The dangers of eval and exec are obvious and well known to advanced users,
> but the availability as built-in functions makes it too tempting for
> beginners or even medium-level programmers.
I find it dubious to claim that these functions are dangerous to beginners.
The dangers are related to attacks on servers that are exposed to the
internet and beginners have no business running servers. Once you start
exposing your code to attackers there are a lot of other things you have to
worry about, and exec/eval are at least easily found using grep, unlike
some other unsafe patterns.
--Guido van Rossum (python.org/~guido)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Python-ideas