SafeConfigParser can set unsafe values

Hamish Moffatt hamish at cloud.net.au
Wed Jul 11 00:16:32 EDT 2007


Matimus wrote:
>> Should SafeConfigParser.set() be escaping automatically?
> 
> It seems like that would be a nice feature. However, may I offer up
> that if you are setting an option and then later on getting that value
> back in the same program, you probably should have used some other
> storage mechanism in the first place. That is, you shouldn't store
> values needed during the runtime of your program in a ConfigParser
> instance.

I agree, but that was a trivial example to demonstrate the problem. 
Writing the file out to disk writes it exactly as set(), causing a get() 
to fail just the same later.

> While I think you have technically pointed out a potential bug, I'm
> not sure why it matters. Such a bug only comes about for (IMHO) flawed
> use cases.

Sorry, that's incorrect.


Hamish



More information about the Python-list mailing list