[Tutor] two input acceptions
Kent Johnson
kent37 at tds.net
Sun May 20 00:06:02 CEST 2007
Bob Gailer wrote:
> Alan Gauld wrote:
>> input() by contrast reads the string input by the user and tries
>> to evaluate it as a Python expression. Thus if the user typed
>>
>> import os;os.system('format c:\')
>>
> Err... are you confusing eval with exec?
>
> input( [prompt])
>
> Equivalent to eval(raw_input(prompt)).
Yes he is but it doesn't matter; how about
__import__('os').system('format c:\')
?
See the many discussions about safe eval on comp.lang.python for more
examples of evil things you can do with eval.
Kent
More information about the Tutor
mailing list