Safe eval?

Philipp Lenssen lenssen at hitnet.rwth-aachen.de
Tue Apr 16 16:54:06 EDT 2002


"Philipp Lenssen" <lenssen at hitnet.rwth-aachen.de> wrote in message
news:a9i2kg$cg8$1 at nets3.rz.RWTH-Aachen.DE...
> Is it possible to have a safe eval() on the server-side even when the
> string consists of submitted user data?
>..

I forgot to mention: all that should be allowed is arithmetic (boolean as
well) plus a limited set of functions that I write & define.
Say the following is OK (I already replaced internal variables here):
1 == 2 and false or (10 + 3 * 2) == 4 or internal_harmlessFunction() == true

Whereas this clearly isn't:
1 == 2 and false or (10 + 3 * 2) == 4 or delete_all_files('c:\\') == true


I just realized, as opposed to PHP, there are much stricter namespaces in
Python and maybe not using "import" on anything harmful could be the
solution?
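One defensive way to get the restricted expression language the post asks for, added here as an illustration and not code from the original thread: instead of calling eval() at all, parse the submitted string with the standard library's `ast` module (modern Python 3) and walk only the node types the post allows (numbers, booleans, arithmetic, comparisons, and/or, not, and calls to an explicitly registered function table); every other node, including attribute access, strings and unregistered names, is rejected. `internal_harmlessFunction` is an assumed stand-in for the author's own helpers, and `true`/`false` are mapped to Python booleans because the post writes them lowercase.

```python
import ast
import operator
SAFE_FUNCS = {"internal_harmlessFunction": lambda: True}  # assumed stand-in for the author's helpers
SAFE_NAMES = {"true": True, "false": False}  # lowercase constants, as written in the post
# Pow is deliberately absent: 9**9**9**9 would let a user burn CPU and memory.
BIN_OPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
           ast.Div: operator.truediv, ast.FloorDiv: operator.floordiv, ast.Mod: operator.mod}
CMP_OPS = {ast.Eq: operator.eq, ast.NotEq: operator.ne, ast.Lt: operator.lt,
           ast.LtE: operator.le, ast.Gt: operator.gt, ast.GtE: operator.ge}
UNARY_OPS = {ast.Not: operator.not_, ast.USub: operator.neg}

class UnsafeExpression(ValueError):
    pass  # raised for any node outside the whitelisted subset

def _eval(node):
    if isinstance(node, ast.Constant) and type(node.value) in (int, float, bool):
        return node.value
    if isinstance(node, ast.Name) and node.id in SAFE_NAMES:
        return SAFE_NAMES[node.id]
    if isinstance(node, ast.BinOp) and type(node.op) in BIN_OPS:
        return BIN_OPS[type(node.op)](_eval(node.left), _eval(node.right))
    if isinstance(node, ast.UnaryOp) and type(node.op) in UNARY_OPS:
        return UNARY_OPS[type(node.op)](_eval(node.operand))
    if isinstance(node, ast.BoolOp):  # and/or, short-circuiting like Python itself
        is_and, result = isinstance(node.op, ast.And), _eval(node.values[0])
        for value in node.values[1:]:
            result = _eval(value) if bool(result) == is_and else result
        return result
    if isinstance(node, ast.Compare) and all(type(op) in CMP_OPS for op in node.ops):
        left, ok = _eval(node.left), True  # chains such as 1 < x < 3 work too
        for op, comparator in zip(node.ops, node.comparators):
            right = _eval(comparator)
            ok, left = ok and CMP_OPS[type(op)](left, right), right
        return ok
    if (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
            and node.func.id in SAFE_FUNCS and not node.keywords):
        return SAFE_FUNCS[node.func.id](*[_eval(arg) for arg in node.args])
    raise UnsafeExpression(f"disallowed syntax: {type(node).__name__}")

def safe_eval(expr: str):
    """Evaluate a submitted expression, or raise UnsafeExpression / SyntaxError."""
    return _eval(ast.parse(expr, mode="eval").body)

def is_allowed(expr: str) -> bool:
    try:  # True if expr stays inside the whitelist, False if it was rejected
        safe_eval(expr)
        return True
    except (SyntaxError, ValueError):  # UnsafeExpression is a ValueError
        return False
```

Because and/or short-circuit, a disallowed call in a branch that is never reached is simply never evaluated rather than reported; validate the whole tree before evaluating if you need rejection to be reported in every case.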