Transforming a str to an operator
r
rt8396 at gmail.com
Fri Aug 28 01:08:01 EDT 2009
On Aug 27, 11:35 pm, Ben Finney <ben+pyt... at benfinney.id.au> wrote:
> In general, ‘eval’ on unsanitised input is not the answer.
Yes i agree.
> I would use the following approach:
Abviously the OP is a python baby noob and casting your irrational
fear (and many others irrational fears) of eval at him is akin to
tales of Chupacabras running a muck in the jungle sucking the blood
from live goats in the twilight hours. I use eval all the time and
quite love it.
This is nothing more than a throw away academic exercise that will
serve no useful purpose for him in the future, but serves the very
useful purpose now of establishing an IO between the student and
Python interpretor. I'll bet most your example (albeit a good example)
flew miles above his head into la-la land.
The OP has plenty of time to learn about malicious input and
protecting against it, right now the fundamentals are well...
fundamental :)
More information about the Python-list
mailing list