|
eval() function security
|
|
Sep-21-2019, 01:59 PM
eval or exec from unthrusted source is always a bad idea in all languages.Even formats like XML, YAML, JSON do allow code execution. JSON does not affect the Python world, but its a valid JavaScript Object. XML supports loops (bad) and YAML can execute Python code or other code.
Almost dead, but too lazy to die: https://sourceserver.info
All humans together. We don't need politicians! |
|
|
| Messages In This Thread |
|
eval() function security - by Skaperen - Sep-20-2019, 11:47 PM
RE: eval() function security - by ichabod801 - Sep-20-2019, 11:58 PM
RE: eval() function security - by metulburr - Sep-21-2019, 07:00 AM
RE: eval() function security - by Skaperen - Sep-22-2019, 07:03 AM
RE: eval() function security - by DeaD_EyE - Sep-21-2019, 01:59 PM
RE: eval() function security - by snippsat - Sep-21-2019, 02:31 PM
RE: eval() function security - by metulburr - Sep-22-2019, 04:01 PM
RE: eval() function security - by snippsat - Sep-22-2019, 06:17 PM
RE: eval() function security - by Skaperen - Sep-23-2019, 04:32 AM
|
| Possibly Related Threads… | |||||
| Thread | Author | Replies | Views | Last Post | |
| make eval() safe | Skaperen | 5 | 2,770 |
Mar-24-2022, 05:47 PM Last Post: Skaperen |
|