safe eval of moderately simple math expressions
yohell at ifm.liu.se
Sat Apr 11 10:30:07 CEST 2009
Matt Nordhoff wrote:
> >>> getattr(42, '\x5f\x5fclass\x5f\x5f') # __class__
> <type 'int'>
> Is that enough to show you the error of your ways?
>>> print '_' in '\x5f\x5fclass\x5f\x5f'
> :-D Cuz seriously, it's a bad idea.
Yes probably, but that's not why. :-)
> (BTW: What if a user tries to do some ridiculously large calculation to
> DoS the app? Is that a problem?)
Nope. If the user wants to hang her own app that's fine with me.