Converting a hex string to a number

Fredrik Lundh fredrik at pythonware.com
Wed Jul 10 05:28:32 EDT 2002


Alex Martelli wrote:

> Things aren't all that different regarding the eval builtin
> function rather than the exec statement:
>
>     result = eval(something, fakelocals)
>
> there are a bit fewer issues with eval than with exec, but it
> doesn't take much to bypass the "can only do expressions"
> limit, alas.

most importantly, note that "any shell command" qualifies as
an expression:

    something = "__import__('os').system('echo j00 h4v3 b33n 0wn3d')"

</F>
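
An added example, not part of the original posts: a strict hex parser that never hands the input to eval, plus a check showing why the quoted `eval(something, fakelocals)` call restricts nothing (eval inserts `__builtins__` into the dict you pass). The names `parse_hex`, `is_rejected`, `eval_namespace_after` and the 16-digit length cap are assumptions made for illustration.

```python
import re

# Constructed sample input: the untrusted string shown in the post above.
UNTRUSTED = "__import__('os').system('echo j00 h4v3 b33n 0wn3d')"

# Assumed policy: optional sign, optional 0x prefix, 1 to 16 hex digits.
_HEX_RE = re.compile(r"[+-]?(?:0[xX])?[0-9a-fA-F]{1,16}")


def parse_hex(text):
    """Return the integer value of a hex string, or raise ValueError."""
    if not isinstance(text, str):
        raise ValueError("hex input must be a string")
    candidate = text.strip()
    # fullmatch only accepts sign, prefix and hex digits, so no expression
    # syntax (parentheses, dots, quotes) ever reaches an evaluator.
    if not _HEX_RE.fullmatch(candidate):
        raise ValueError("not a hex number: %r" % text[:40])
    return int(candidate, 16)


def is_rejected(text):
    """True if parse_hex refuses the input."""
    try:
        parse_hex(text)
    except ValueError:
        return True
    return False


def eval_namespace_after(expression):
    """Evaluate a harmless expression in an empty dict and return the
    names eval() left behind in that dict."""
    fakelocals = {}  # same role as in the quoted eval(something, fakelocals)
    eval(expression, fakelocals)
    return sorted(fakelocals)


if __name__ == "__main__":
    print(parse_hex("0xFF"), parse_hex("-1f"))   # parsed as plain integers
    print(is_rejected(UNTRUSTED))                # the expression never runs
    print(eval_namespace_after("1 + 1"))         # builtins were injected
```
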




