eval() == evil? --- How to use it safely?

rustom rustompmody at gmail.com
Wed Sep 3 12:10:40 CEST 2008


On Aug 29, 4:42 am, castironpi <castiro... at gmail.com> wrote:

> May I suggest PyYAML?

I second that.

YAML is very Pythonic (being indentation-based) and PyYAML is sweet.

Only make sure you use safe_load, not load, and you will have only
default construction for standard Python objects -- lists,
dictionaries and 'atomic' things, so no arbitrary code can be executed.

Someone else suggested JSON, which is about the same as YAML if there
are no objects. And by using safe_load you are not using objects.
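
Added example, not part of the original post: a small loader for untrusted YAML built on PyYAML's safe_load, which refuses Python-specific tags and additionally rejects values that JSON could not represent. The function names and the sample documents are constructed for illustration.

```python
import json
import yaml  # PyYAML (third-party package)

# Constructed sample inputs, not taken from the thread.
PLAIN_DOC = "name: demo\nports: [80, 443]\ndebug: false\n"
# Python-specific tag; the callable it names (os.getcwd) is harmless.
TAGGED_DOC = "cwd: !!python/object/apply:os.getcwd []\n"
# safe_load turns this scalar into datetime.date, which JSON cannot carry.
DATE_DOC = "released: 2008-09-03\n"

JSON_SCALARS = (str, int, float, bool, type(None))


def only_plain(value):
    """True if value is built solely from dicts, lists and JSON scalars."""
    if isinstance(value, dict):
        return all(only_plain(k) and only_plain(v) for k, v in value.items())
    if isinstance(value, list):
        return all(only_plain(v) for v in value)
    return isinstance(value, JSON_SCALARS)


def load_untrusted(text):
    """Parse untrusted YAML. Returns (data, None) or (None, reason)."""
    try:
        # safe_load only knows the standard YAML tags, so a document that
        # asks for a Python object fails with ConstructorError instead of
        # having anything constructed or called.
        data = yaml.safe_load(text)
    except yaml.YAMLError as exc:
        return None, type(exc).__name__
    if not only_plain(data):
        # Standard YAML types such as dates, sets and binary are still
        # allowed by safe_load; reject them when JSON parity is wanted.
        return None, "non-JSON type"
    return data, None


def json_round_trip_equal(data):
    """True if data survives a JSON encode/decode unchanged."""
    return json.loads(json.dumps(data)) == data


if __name__ == "__main__":
    for doc in (PLAIN_DOC, TAGGED_DOC, DATE_DOC):
        print(load_untrusted(doc))
```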


