[Tutor] accessing list from a string
Alan Gauld
alan.gauld at btinternet.com
Wed Nov 26 09:49:00 CET 2008
"John Fouhy" <john at fouhy.net> wrote
>> s = "[2.5,2.8]" # your string from the file
>>
>> e = "tuple(" + e + ")"
This should of course be
>> e = "tuple(" + s + ")"
> If I, as an evildoer, can control e, it seems that I could set it
> to:
>
> ,), __import__('os').system('rm -rf /'
Assuming you now mean s rather than e...
That wouldn't work since tuple() would fail on that expression.
HTH,
Alan G
More information about the Tutor
mailing list