eval() == evil? --- How to use it safely?

Paul Rubin http
Fri Aug 29 02:57:45 CEST 2008


"James Mills" <prologic at shortcircuit.net.au> writes:
> If you cannot use a simple data structure/format
> like JSON, or CSV, or similar, _don't_
> use eval or exec, but use the pickle
> libraries instead. This is much safer.

Pickle uses eval and should also be considered unsafe, as its
documentation describes.



More information about the Python-list mailing list