Convert String to Dictionary question
Jason Orendorff
jason at jorendorff.com
Sun Feb 17 13:11:00 EST 2002
Christian Tanzer wrote:
> Jason Orendorff wrote:
> > Whereas there are no known security holes in pickle.
>
> Not true.
I stand corrected. Yow. My statement above is not just wrong
but excessively wrong.
> To wrap this up, writing secure applications is hard -- and rules of
> thumb like `eval is bad, pickle is good` aren't going to make it any
> easier.
Good call.
## Jason Orendorff http://www.jorendorff.com/
More information about the Python-list
mailing list