editing conf file
rusi
rustompmody at gmail.com
Fri Nov 16 11:41:38 EST 2012
On Nov 16, 7:08 pm, Roy Smith <r... at panix.com> wrote:
> These days, if I was writing something that needed a config file and I
> didn't want to do "import settings" for whatever reason, I would go with
> YAML. It seems to give an attractive mix of:
>
> * supporting complex data structures
> * easy to for humans to hand-edit
> * easy for humans to read
> * safe from code injection attacks
+1 except for a caveat on the last:
Use safe_load and safe_dump.
dump and load are vulnerable to code injection attacks
More information about the Python-list
mailing list