numeric expression from string?

Blair P. Houghton blair.houghton at gmail.com
Tue Feb 7 01:02:29 EST 2006


Steven wrote:
>Do you think your users might enter something Evil and break their own system?

That's not usually how it works.

How it usually works is:

1.  Innocent code-monkey writes nifty applet, posts on usenet.
2.  Innocent but dull-witted framework manufacturer includes nifty
applet in Next Big Thing framework.
3.  Innocent webmaster uses framework to design entire website,
dragging and dropping input boxes validated by nifty applet all over
the place.
4.  Budding malevolent self-deceived "just fooling around" script
kiddie enters evil string into vulnerable buffer passed nifty applet,
taking down innocent webmaster's system.  Posts astonishment on
#dickwar3z irc channel.
5.  Genuinely malevolent wiseguy/blackmailer/terrorist blackhat stores
sploit for later inclusion in rootkit-laying worm suite.
6.  Randal Schwartz goes to jail.

--Blair



