reval builtin
Neil Schemenauer
nascheme at m67.enme.ucalgary.ca
Wed Apr 14 19:00:22 EDT 1999
On Mon, 12 Apr 1999 15:59:05 GMT, Jim Meier <fatjim at home.com> wrote:
>This introduces some major security problems, and is a little difficult
>to edit, but there is very little parsing needed to make it usable. Does
>anyone know of a way to limit the damage a user can do to such a file?
It would be nice to have an "reval" builtin that would only evaluate
literals. That would make building things like config files safe and
easy. I have two ideas on how to accomplish this:
1. Create a new start symbol "reval_input" in the Grammar/Grammar
and add a "builtin_reval" function in Python/bltinmodule.c. Sound
easy? Well, the connection between these two changes is long and
twisted.
2. Use something like lex and yacc to create an extension module
that does the Right Thing(TM). I think the problem with this
approach is making it conform to the real Python grammar. If I
get time I will try it.
Perhaps some guru can explain an easy way to accomplish this and same me
some time.
Neil
More information about the Python-list
mailing list