easy eval() fix?

Geoff Gerrietts geoff at gerrietts.net
Wed Oct 15 16:16:57 EDT 2003


On one of the projects I've worked with, early development featured a
pattern where primitive data would be repr()'ed into a string, then
eval()'ed back out of the string. Later in the project's evolution,
this was seen to have some previously unconsidered security
implications.

The hard way to fix this is to go back and change all the places where
data were repr()'ed into a string, and use some simpler system. But at
its easiest, that's a great deal of work.

I'm hoping that there's some module or project out there that I
haven't seen that will translate simple primitives into python objects
without doing variable interpolation or expression evaluation, etc.

I know it's a pretty steep order, but I also know it's something I've
seen before, in the form of the plist libraries under Objective C.

Anyone got a quick fix?

Thanks,
--G.

-- 
Geoff Gerrietts        <geoff at gerrietts dot net>
"Ordinarily he was insane, but he had lucid moments 
when he was merely stupid."        --Heinrich Heine
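The safe round-trip the post asks for, shown as an added example that is not part of the original message: `ast.literal_eval` (added to the standard library in Python 2.6, after this post was written) parses the `repr()` of primitive values back into Python objects but refuses names, calls, attribute access and other expressions, which is exactly the difference between it and `eval()`. The function names `safe_load`, `round_trip` and `is_rejected` and the sample inputs are mine, not from the post.

```python
import ast


def safe_load(text):
    """Parse a repr()'ed primitive back into a Python object.

    ast.literal_eval only accepts literals: str, bytes, int, float, complex,
    tuple, list, dict, set, bool and None.  Anything else in the text (a bare
    name, a function call, attribute access, indexing) raises ValueError or
    SyntaxError instead of being executed.
    """
    return ast.literal_eval(text)


def round_trip(value):
    """repr() a primitive and load it back, the pattern the post describes,
    but with literal_eval on the way back instead of eval()."""
    return safe_load(repr(value))


def is_rejected(text):
    """True if literal_eval refuses the text rather than producing a value.

    RecursionError and MemoryError are included because, as the documentation
    notes, sufficiently deep or large literal input can still exhaust the
    parser; rejecting it is the conservative choice for untrusted data.
    """
    try:
        safe_load(text)
    except (ValueError, SyntaxError, TypeError, RecursionError, MemoryError):
        return True
    return False


if __name__ == "__main__":
    # Constructed sample record of the kind the post has in mind.
    record = {"name": "alice", "ids": [1, 2, 3], "pos": (1.5, None), "ok": True}
    assert round_trip(record) == record

    # Constructed strings that eval() would execute but literal_eval refuses.
    for bad in ("__import__('os').getcwd()", "open('/etc/passwd').read()", "x"):
        print(bad, "->", "rejected" if is_rejected(bad) else "ACCEPTED")
```

Because `literal_eval` works on the parsed syntax tree rather than by executing the string, nothing in the input is ever called; the remaining risk with untrusted input is resource exhaustion on pathological nesting, which the caller should bound (for example by limiting input length) rather than rely on the parser to handle.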