Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #22254
| Date | 2012-03-27 16:59 -0500 |
|---|---|
| From | Evan Driscoll <driscoll@cs.wisc.edu> |
| Subject | Re: RE: Advise of programming one of my first programs |
| References | <CAKhY55OL1qvq+kqbyKT8gEuFOK4BkgYGZkkyUVb84_H9VVEQhA@mail.gmail.com> <5B80DD153D7D744689F57F4FB69AF4740928C365@SCACMX008.exchad.jpmchase.net> <CAKhY55O9zE_jxF5PvzOF0DGifRT2gZLbRHiuQ_a1vA-aGGDb9g@mail.gmail.com> <5B80DD153D7D744689F57F4FB69AF4740928E137@SCACMX008.exchad.jpmchase.net> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.1051.1332885611.3037.python-list@python.org> (permalink) |
On 01/-10/-28163 01:59 PM, Prasad, Ramit wrote:
>> ####### CODE #########
>> fileread = open('myfile.txt','r')
>> tbook = eval(fileread.read())
>> fileread.close()
>
> The use of eval is dangerous if you are not *completely* sure what is
> being passed in. Try using pickle instead:
> http://docs.python.org/release/2.5.2/lib/pickle-example.html
Um, at least by my understanding, the use of Pickle is also dangerous if
you are not completely sure what is being passed in:
Warning: The pickle module is not intended to be secure
against erroneous or maliciously constructed data. Never
unpickle data received from an untrusted or unauthenticated
source.
- http://docs.python.org/library/pickle.html
Evan
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
Re: RE: Advise of programming one of my first programs Evan Driscoll <driscoll@cs.wisc.edu> - 2012-03-27 16:59 -0500
csiph-web