[Tutor] Opinion - help could use more examples

Alan Gauld alan.gauld at btinternet.com
Thu Jun 20 09:01:52 CEST 2013


On 20/06/13 03:38, Steven D'Aprano wrote:
> On 20/06/13 10:21, Devin Jeanpierre wrote:

>> they're doing -- it omits things like advice to do with security,
>> including neglecting to declare that functions are not safe and can
>> execute arbitrary Python code,

> I think it is perfectly acceptable for the Python documentation to
> assume that anyone reading it will understand that calling a function
> executes code.

I took it that Devin was referring to specific functions such as
v2.x input() that execute or evaluate the input parameters
as arbitrary code. I don't think he meant the fact that functions in 
general execute code.

e.g. Help on input() says:

Help on built-in function input in module __builtin__:

input(...)
     input([prompt]) -> value

     Equivalent to eval(raw_input(prompt)).
(END)

There is no explicit mention that it is insecure or that it will execute
its input argument as code other than the reference to eval() which a
beginner might not understand.

-- 
Alan G
Author of the Learn to Program web site
http://www.alan-g.me.uk/
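
Added example, not part of the original message: a Python 3 sketch of the behaviour the help text above describes, with the typed text passed to eval() as Python 2's input() does, next to two ways of keeping that text as data. The names py2_style_input, read_int, read_literal and side_effect are assumptions made up for this illustration, and the input strings are constructed.

```python
import ast

# Constructed stand-in for code the program's author never meant to run.
calls = []

def side_effect(tag):
    calls.append(tag)
    return 0

def py2_style_input(typed):
    """Emulate Python 2 input(): eval(raw_input(prompt)).

    The globals dict mimics the caller's namespace, which eval() sees
    by default, so any name in scope can be called from the typed text.
    """
    return eval(typed, {"side_effect": side_effect})

def read_int(typed):
    """raw_input()-style handling: the text is parsed, never executed."""
    return int(typed.strip())

def read_literal(typed):
    """Accept Python literals (numbers, strings, lists) but no names or calls."""
    return ast.literal_eval(typed.strip())

def demo():
    del calls[:]
    results = {}
    # A number behaves as a beginner expects...
    results["eval_number"] = py2_style_input("42")
    # ...but an expression typed at the prompt is executed as code.
    results["eval_call"] = py2_style_input("side_effect('ran')")
    results["side_effects"] = list(calls)
    # The same text is rejected when it is treated as data.
    for name, reader in (("int", read_int), ("literal", read_literal)):
        try:
            reader("side_effect('ran')")
            results[name] = "accepted"
        except (ValueError, SyntaxError):
            results[name] = "rejected"
    results["literal_list"] = read_literal("[1, 2, 3]")
    return results

if __name__ == "__main__":
    print(demo())
```
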


