Message 227963 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	Behdad.Esfahbod
Recipients	Behdad.Esfahbod, docs@python, georg.brandl
Date	2014年09月30日.17:37:15
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1412098635.39.0.140201793271.issue22525@psf.upfronthosting.co.za>

Content
I think it should be made much more clear that this is not a blanket "safe eval() replacement". Re complex literals, note that Python 2.7.x only implemented the binary plus operator if the second argument was complex. This seems to have been relaxed in Python 3. Regarding DoS attack with a safe eval(), I understand the concern, but that's still a huge improvement over security risks of eval().

Content

I think it should be made much more clear that this is not a blanket "safe eval() replacement".
Re complex literals, note that Python 2.7.x only implemented the binary plus operator if the second argument was complex. This seems to have been relaxed in Python 3.
Regarding DoS attack with a safe eval(), I understand the concern, but that's still a huge improvement over security risks of eval().

History
Date	User	Action	Args
2014年09月30日 17:37:15	Behdad.Esfahbod	set	recipients: + Behdad.Esfahbod, georg.brandl, docs@python
2014年09月30日 17:37:15	Behdad.Esfahbod	set	messageid: <1412098635.39.0.140201793271.issue22525@psf.upfronthosting.co.za>
2014年09月30日 17:37:15	Behdad.Esfahbod	link	issue22525 messages
2014年09月30日 17:37:15	Behdad.Esfahbod	create

homepage