The Case Against Python 3
Paul Rubin
no.email at nospam.invalid
Mon Nov 28 18:00:07 EST 2016
Gregory Ewing <greg.ewing at canterbury.ac.nz> writes:
> I agree that f-strings are not to blame here. If we really want to
> avoid breaking anyone's ill-conceived attempts at sandboxing eval,
> we'd better not add anything more to the language, ever, because
> nobody can foresee all the possible consequences.
I'm surprised eval was used like that. It seems ill-advised. Something
similar happened with pickles some time back. Oh my, now I'm reminded
at how old we've all gotten:
"Using eval this way is like storing a vat of cyanide in your
child's bedroom. Sure, maybe if you check the seals and locks on
the vat carefully enough, you can convince yourself that your child
won't be able to get to the cyanide. But wouldn't you feel safer
just not having the vat there at all? That's basic
safety-consciousness. Security consciousness works the same way.
Try to keep dangerous ingredients and attackers as far away from
each other as possible." ( http://bugs.python.org/msg6972 )
More information about the Python-list
mailing list