> As long as it's possible to attempt to execute arbitrary strings > as bytecode, I'd say ceval should be robust against this. This ought to be a long-term project then: write a bytecode verifier. It's not a trivial task! --Guido van Rossum (home page: http://www.python.org/~guido/)