SafeConfigParser can set unsafe values
hamish at cloud.net.au
Wed Jul 11 06:16:32 CEST 2007
>> Should SafeConfigParser.set() be escaping automatically?
> It seems like that would be a nice feature. However, may I offer up
> that if you are setting an option and then later on getting that value
> back in the same program, you probably should have used some other
> storage mechanism in the first place. That is, you shouldn't store
> values needed during the runtime of your program in a ConfigParser
I agree, but that was a trivial example to demonstrate the problem.
Writing the file out to disk writes it exactly as set(), causing a get()
to fail just the same later.
> While I think you have technically pointed out a potential bug, I'm
> not sure why it matters. Such a bug only comes about for (IMHO) flawed
> use cases.
Sorry, that's incorrect.
More information about the Python-list