Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.python > #22351 > unrolled thread

RE: RE: Advise of programming one of my first programs

Back to article view | Back to comp.lang.python

This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by below is the oldest one visible, not the original post.

Contents

  RE: RE: Advise of programming one of my first programs "Prasad, Ramit" <ramit.prasad@jpmorgan.com> - 2012-03-29 17:18 +0000

#22351 — RE: RE: Advise of programming one of my first programs

[Multipart message — attachments visible in raw view] — view raw

From: Anatoli Hristov [mailto:tolidtm@gmail.com]
Sent: Wednesday, March 28, 2012 5:36 PM
To: Prasad, Ramit
Cc: python-list@python.org
Subject: Re: RE: Advise of programming one of my first programs


>>> > Um, at least by my understanding, the use of Pickle is also dangerous if
>>>> you
>>> > are not completely sure what is being passed in:
>>>
>>> Oh goodness yes. pickle is exactly as unsafe as eval is. Try running this
>>> code:
>>>
>>> from pickle import loads
>>> loads("c__builtin__\neval\n(c__builtin__\nraw_input\n(S'py>'\ntRtR.")

>>It might be as dangerous, but which is more likely to cause problems in
>>real world scenarios?

>Guys this is really something  that is not that important at this time for me

“My Eyes! The goggles do nothing!”

Ramit


Ramit Prasad | JPMorgan Chase Investment Bank | Currencies Technology
712 Main Street | Houston, TX 77002
work phone: 713 - 216 - 5423

--


This email is confidential and subject to important disclaimers and
conditions including on offers for the purchase or sale of
securities, accuracy and completeness of information, viruses,
confidentiality, legal privilege, and legal entity disclaimers,
available at http://www.jpmorgan.com/pages/disclosures/email.  

[toc] | [standalone]

Back to top | Article view | comp.lang.python

csiph-web