[Python-Dev] Patch to remove eval from csv sniffer

Thu, 12 Jun 2003 09:27:59 -0400

> The patch by Raymond Hettinger mentioned here:
> 
>     www.python.org/sf/744104
> 
> makes a lot of sense. The question is - should it be applied now? We're
> in the 55th minute of the 11th hour for 2.3, and changes are generally
> unwelcome. This change changes the sniffer's behaviour slightly, but
> it's probably better to do this now, than after 2.3 is released (and
> it's a potential security problem).

Better now.

--Guido van Rossum (home page: http://www.python.org/~guido/)