Safe eval?
Philipp Lenssen
lenssen at hitnet.rwth-aachen.de
Tue Apr 16 17:22:11 EDT 2002
"Geoff Gerrietts" <geoff at gerrietts.net> wrote in message
news:mailman.1018991313.16792.python-list at python.org...
> Quoting Philipp Lenssen (lenssen at hitnet.rwth-aachen.de):
> > I just realized, as opposed to PHP, there's much stricter namespaces in
> > Python and maybe not using "import" on anything harmful could be the
> > solution?
>
> You can hack on the rexec module to make it do what you want to do;
> that's what I do. It may or may not provide ample security for your
> purposes; it's certainly better than a raw eval().
>
> The code I use is attached; under 2.something,
Thanks! I will try out your class and simply use it if it does what I want.
Please email me if you a) don't want me to use it xor b) don't want to get
credited in the source file or the http://questml.com webpage.
> this breaks unless you
> override make_re to pass.
>..
Could you explain that? I didn't understand...
More information about the Python-list
mailing list