In article <1gr3mwj.1mhbjao122j7fxN%aleaxit at>,
Alex Martelli <aleaxit at> wrote:
>Steven Bethard <steven.bethard at> wrote:
>> If I could see how to go from 'object' (or 'int', 'str', 'file', etc.)
>> to 'eval' or '__import__', that would help out a lot...
>>>> object.__subclasses__()
>[<type 'type'>, <type 'weakref'>, <type 'int'>, <type 'basestring'>,
><type 'list'>, <type 'NoneType'>, <type 'NotImplementedType'>, <type
>'module'>, <type 'zipimport.zipimporter'>, <type 'posix.stat_result'>,
><type 'posix.statvfs_result'>, <type 'dict'>, <type 'function'>, <class
>'site._Printer'>, <class 'site._Helper'>, <type 'set'>, <type 'file'>]
>Traipse through these, find one class that has an unbound method, get
>that unbound method's func_globals, bingo.

One thing my company has done is written a ``safe_eval()`` that uses a
regex to disable double-underscore access.
