On Apr 22, 2010, at 14:28 , Douglas Philips wrote: > eval can be a dangerous thing to use, you have to be very careful about where > the source has come from, in terms of trusting that the code your programs > 'eval's will not be malicious or dangerous in some way. There are no absolute > rules for this, it depends on your application.
To do a bit advertising here, for this case there is clj-sandbox I claim it does a pretty good job to give a basic hassle free safety for evaluated code. Also if it is a string you read from you can skip the read-string part and just pass it the string directly. If you want to have a look: http://github.com/Licenser/clj-sandbox or for lein: [clj-sandbox "0.3.1"] -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en