Advise of programming one of my first programs
Evan Driscoll
driscoll at cs.wisc.edu
Tue Mar 27 17:59:58 EDT 2012
On 01/-10/-28163 01:59 PM, Prasad, Ramit wrote:
>> ####### CODE #########
>> fileread = open('myfile.txt','r')
>> tbook = eval(fileread.read())
>> fileread.close()
>
> The use of eval is dangerous if you are not *completely* sure what is
> being passed in. Try using pickle instead:
> http://docs.python.org/release/2.5.2/lib/pickle-example.html
Um, at least by my understanding, the use of Pickle is also dangerous if
you are not completely sure what is being passed in:
Warning: The pickle module is not intended to be secure
against erroneous or maliciously constructed data. Never
unpickle data received from an untrusted or unauthenticated
source.
- http://docs.python.org/library/pickle.html
Evan
More information about the Python-list
mailing list