Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #22278
| Path | csiph.com!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder2.enfer-du-nord.net!newsfeed.eweka.nl!eweka.nl!feeder3.eweka.nl!newsfeed.xs4all.nl!newsfeed5.news.xs4all.nl!xs4all!post.news.xs4all.nl!not-for-mail |
|---|---|
| Return-Path | <ramit.prasad@jpmorgan.com> |
| X-Original-To | python-list@python.org |
| Delivered-To | python-list@mail.python.org |
| X-Spam-Status | OK 0.026 |
| X-Spam-Evidence | '*H*': 0.95; '*S*': 0.00; 'completeness': 0.07; 'skip:l 60': 0.09; 'to:name:python-list@python.org': 0.15; 'currencies': 0.16; 'dangerous,': 0.16; 'disclaimers': 0.16; 'disclaimers,': 0.16; 'eval': 0.16; 'from:addr:jpmorgan.com': 0.16; 'received:155.180': 0.16; 'received:159': 0.16; 'received:159.53': 0.16; 'received:bankone.net': 0.16; 'received:exchad.jpmchase.net': 0.16; 'received:jpmchase.com': 0.16; 'received:jpmchase.net': 0.16; 'received:svr.bankone.net': 0.16; 'securities,': 0.16; 'subject:programming': 0.16; 'url:disclosures': 0.16; 'url:jpmorgan': 0.16; 'accuracy': 0.18; 'header:Received:8': 0.20; 'passed': 0.20; 'received:169.254': 0.20; 'header:In-Reply-To:1': 0.22; 'import': 0.24; 'received:169': 0.27; 'least': 0.27; 'received:155': 0.29; 'yes.': 0.29; 'code:': 0.31; 'problems': 0.31; 'phone:': 0.31; 'in.': 0.33; 'in:': 0.33; 'url:python': 0.34; 'sure': 0.36; 'but': 0.36; 'url:org': 0.36; 'running': 0.36; 'being': 0.39; 'to:addr:python- list': 0.39; 'to:addr:python.org': 0.40; 'real': 0.63; 'more': 0.63; 'information,': 0.65; 'world': 0.65; 'is.': 0.67; 'url:5': 0.67; 'purchase': 0.67; 'subject': 0.70; 'investment': 0.71; 'legal': 0.73; 'bank': 0.74; 'sale': 0.75; 'cause': 0.79; '712': 0.84; 'houston,': 0.84; 'received:169.254.8': 0.84; 'url:release': 0.84 |
| X-DKIM | OpenDKIM Filter v2.1.3 sf1.jpmchase.com q2SEw7bP010585 |
| DKIM-Signature | v=1; a=rsa-sha256; c=simple/simple; d=jpmorgan.com; s=smtpout; t=1332946687; bh=IadqiPFT02DjDLkaWRTkUYsglI/jDGnm+blHWYco6AE=; h=From:To:Subject:Date:Message-ID:References:In-Reply-To: Content-Transfer-Encoding:MIME-Version:Content-Type; b=J2MnmggoHCPhsNEcC/62tSGw4rsJHCahDJoD5lC4Zeiwm8LegqX4l96f1E105A+FI NJoUjglhGFb4k79jVImQSOD0uVbEpv1lc3g4loz6ToyATI8OVWmUFTivV6zXCIw1ZI /d8RIig9VJDhi4qReil0fceazp+yD8XS7pAqRuNk= |
| From | "Prasad, Ramit" <ramit.prasad@jpmorgan.com> |
| To | "python-list@python.org" <python-list@python.org> |
| Subject | RE: RE: Advise of programming one of my first programs |
| Thread-Topic | RE: Advise of programming one of my first programs |
| Thread-Index | AQHNC5r4MvUwEx1tfEGrnSkYZViDo5Z9Ix/AgAFcCQD//8DxYIAAtaUAgAAo5oCAAK/3cA== |
| Date | Wed, 28 Mar 2012 14:57:48 +0000 |
| References | <CAKhY55OL1qvq+kqbyKT8gEuFOK4BkgYGZkkyUVb84_H9VVEQhA@mail.gmail.com> <5B80DD153D7D744689F57F4FB69AF4740928C365@SCACMX008.exchad.jpmchase.net> <CAKhY55O9zE_jxF5PvzOF0DGifRT2gZLbRHiuQ_a1vA-aGGDb9g@mail.gmail.com> <5B80DD153D7D744689F57F4FB69AF4740928E137@SCACMX008.exchad.jpmchase.net> <4F72385E.8020804@cs.wisc.edu> <CABicbJKMdxbQ-r2Qmxy2n8W2YpxNAXos9WLKuz7rrhLz8KF+ow@mail.gmail.com> |
| In-Reply-To | <CABicbJKMdxbQ-r2Qmxy2n8W2YpxNAXos9WLKuz7rrhLz8KF+ow@mail.gmail.com> |
| Accept-Language | en-US |
| Content-Language | en-US |
| X-MS-Has-Attach | |
| X-MS-TNEF-Correlator | |
| x-originating-ip | [10.67.79.38] |
| Content-Transfer-Encoding | base64 |
| MIME-Version | 1.0 |
| X-DLP-FWD | Yes |
| Content-Type | text/plain; charset="utf-8" |
| X-BeenThere | python-list@python.org |
| X-Mailman-Version | 2.1.12 |
| Precedence | list |
| List-Id | General discussion list for the Python programming language <python-list.python.org> |
| List-Unsubscribe | <http://mail.python.org/mailman/options/python-list>, <mailto:python-list-request@python.org?subject=unsubscribe> |
| List-Archive | <http://mail.python.org/pipermail/python-list> |
| List-Post | <mailto:python-list@python.org> |
| List-Help | <mailto:python-list-request@python.org?subject=help> |
| List-Subscribe | <http://mail.python.org/mailman/listinfo/python-list>, <mailto:python-list-request@python.org?subject=subscribe> |
| Newsgroups | comp.lang.python |
| Message-ID | <mailman.1077.1332946697.3037.python-list@python.org> (permalink) |
| Lines | 21 |
| NNTP-Posting-Host | 2001:888:2000:d::a6 |
| X-Trace | 1332946697 news.xs4all.nl 6988 [2001:888:2000:d::a6]:43107 |
| X-Complaints-To | abuse@xs4all.nl |
| Xref | csiph.com comp.lang.python:22278 |
Show key headers only | View raw
> >> The use of eval is dangerous if you are not *completely* sure what is
> >> being passed in. Try using pickle instead:
> >> http://docs.python.org/release/2.5.2/lib/pickle-example.html
> >
> >
> > Um, at least by my understanding, the use of Pickle is also dangerous if
> you
> > are not completely sure what is being passed in:
>
> Oh goodness yes. pickle is exactly as unsafe as eval is. Try running this
> code:
>
> from pickle import loads
> loads("c__builtin__\neval\n(c__builtin__\nraw_input\n(S'py>'\ntRtR.")
It might be as dangerous, but which is more likely to cause problems in
real world scenarios?
Ramit
Ramit Prasad | JPMorgan Chase Investment Bank | Currencies Technology
712 Main Street | Houston, TX 77002
work phone: 713 - 216 - 5423
--
This email is confidential and subject to important disclaimers and
conditions including on offers for the purchase or sale of
securities, accuracy and completeness of information, viruses,
confidentiality, legal privilege, and legal entity disclaimers,
available at http://www.jpmorgan.com/pages/disclosures/email.
Back to comp.lang.python | Previous | Next | Find similar | Unroll thread
RE: RE: Advise of programming one of my first programs "Prasad, Ramit" <ramit.prasad@jpmorgan.com> - 2012-03-28 14:57 +0000
csiph-web