numeric expression from string?

Brian Blais bblais at bryant.edu
Mon Feb 6 06:19:21 EST 2006


Steven D'Aprano wrote:
> 
> It is good to be cautious. Big thumbs up. But what exactly are you worried
> about? Do you think your users might enter something Evil and break their
> own system? I'd suggest that's not your problem, and besides, it is hard
> to think of anything they could do with eval that they couldn't do by
> exiting your app and running something Evil in their shell prompt.

Yeah, I guess when you think about it, there really isn't a problem. I figured that
someone might accidentally do damage to their system with an unchecked eval.

> 
> Are you running this script as a cgi script? Then remote users might use
> eval to break your system, and you are right to avoid it.

No, I am not, but it is good to know how to deal with it in this case too.


		thanks!


			bb

-- 
-----------------

             bblais at bryant.edu
             http://web.bryant.edu/~bblais




