[Tutor] dealing with user input whose value I don't know
Steve Willoughby
steve at alchemy.com
Thu Oct 2 20:13:03 CEST 2008
On Thu, Oct 02, 2008 at 10:54:56AM -0700, Bill Campbell wrote:
> Remember the cardinal rule NEVER TRUST USER INPUT! Always check
> for validity, and use methods that prevent malicious strings from
> allowing the user to get unauthorized access or change things
> they shouldn't.
Yes, I probably should have qualified what I said. This is
VERY important. Should you ever allow input() or other eval()
of what the user typed (or for that matter, passing what the
user types into file operations, SQL queries, etc)? Yes, but
*only* if you are *certain* you *must* and that you know exactly
what you're doing. And probably not even then if you can
avoid it.
So the point was what the difference was between raw_input()
and input(), but Bill's right, don't just use input() or
eval() (and input() is essentially eval(raw_input())) casually.
Not sure why?
Suppose you put a program up for public use which gets a
string value using input(). Instead of

    How many numbers? 5

the user types:

    How many numbers? os.system('rm -rf /')
Don't ever assume data is safe or valid if it came from
outside your realm of control.
(And don't fool yourself that a script is "just for me", in
most environments things get reused in ways you don't expect,
and even if not, get used to good programming habits).
--
Steve Willoughby | Using billion-dollar satellites
steve at alchemy.com | to hunt for Tupperware.
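The alternative to input()/eval() that the thread argues for is to read the raw string and parse it into exactly the type you expect. The following is an added example, not code from the original post: it accepts only a plain integer for a "How many numbers?" prompt and rejects anything else, and it keeps a deliberately unsafe eval()-based function beside it (exercised only on a harmless constructed expression) to show what Python 2's input() effectively did. The MAX_COUNT limit and the constructed list of answers are assumptions. Note that in Python 3, input() already behaves like Python 2's raw_input(), so the parsing step is the part that carries over.

```python
"""Added example (not from the original mailing-list post): parsing a numeric
answer without eval(). Python 3's input() returns the raw string, like Python
2's raw_input(); the dangerous behaviour the thread describes is Python 2's
input(), which was effectively eval(raw_input())."""
import re

# Only a plain decimal integer (optional leading '+', surrounding spaces)
# is accepted; everything else is rejected before any conversion happens.
_COUNT_RE = re.compile(r"^\s*\+?\d{1,6}\s*$")
MAX_COUNT = 1000  # assumed application limit, not from the post


def parse_count(text):
    """Return the integer the user typed for 'How many numbers?', or raise
    ValueError. The string is never evaluated as code."""
    if not _COUNT_RE.match(text):
        raise ValueError("expected a whole number, got %r" % (text,))
    value = int(text)
    if not 1 <= value <= MAX_COUNT:
        raise ValueError("count must be between 1 and %d" % MAX_COUNT)
    return value


def is_valid_count(text):
    """True if parse_count() would accept the string, False otherwise."""
    try:
        parse_count(text)
    except ValueError:
        return False
    return True


def legacy_input_behaviour(text):
    """What Python 2's input() effectively did: eval() the raw string.
    Kept only for contrast, and called below on a harmless constructed
    arithmetic expression; a 'number' prompt wired to this would run
    whatever the user typed."""
    return eval(text)  # deliberately unsafe, for contrast only


def ask_count(answers):
    """Drive the prompt over a constructed list of answers (instead of a live
    terminal) and return the first acceptable count; each rejected answer is
    reported and skipped, as an interactive loop would re-prompt."""
    for answer in answers:
        try:
            return parse_count(answer)
        except ValueError as err:
            print("rejected:", err)
    raise SystemExit("no valid count supplied")


if __name__ == "__main__":
    # Constructed sample answers, including a code-like string of the kind
    # the post warns about; parse_count() treats it as text and rejects it.
    answers = ["os.system('echo hi')", "2+3", " 5 "]
    print("legacy eval of '2+3' ->", legacy_input_behaviour("2+3"))
    print("accepted count ->", ask_count(answers))
```

Run it as a script to see the two rejections followed by the accepted value 5; in a real program, replace the constructed list with a loop around input() and pass each returned string to parse_count().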