Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.lang.python > #34705 > unrolled thread
| Started by | Chris Rebert <clp2@rebertia.com> |
|---|---|
| First post | 2012-12-12 09:33 -0800 |
| Last post | 2012-12-12 09:33 -0800 |
| Articles | 1 — 1 participant |
Back to article view | Back to comp.lang.python
This discussion starts older than the indexed window; earlier articles aren't shown. The article labeled Started by
below is the oldest one visible, not the original post.
Re: JSON logging ? Chris Rebert <clp2@rebertia.com> - 2012-12-12 09:33 -0800
| From | Chris Rebert <clp2@rebertia.com> |
|---|---|
| Date | 2012-12-12 09:33 -0800 |
| Subject | Re: JSON logging ? |
| Message-ID | <mailman.783.1355333612.29569.python-list@python.org> |
[Multipart message — attachments visible in raw view] — view raw
On Dec 11, 2012 7:33 AM, "Bart Thate" <feedbackflow@gmail.com> wrote: <snip> > pickle uses eval still ? or is is considered safe now ? i was told not to use eval() stuff on data. I don't believe pickle uses eval() per se, but per the red warning box in its docs, it's still not safe when given untrusted input. IIRC, among other things, in order to unpickle non-built-in classes, it is capable of performing imports; this feature is rife for abuse by an adversary.
Back to top | Article view | comp.lang.python
csiph-web