On 9 May 2012 17:31, Tassilo Horn <tass...@member.fsf.org> wrote: > you should bind *read-eval* to false when reading data from unknown sources.
This is the point! On one hand I need to evaluate data from a client on the other hand I'd like to filter out things like "rm -rf /", "drop table users" etc. To me it looks like a contradiction impossible to circumvent. So I ask if there's anything like "best practices" or even better something like a concept of access rights or prepared statements in clojure?. AFAIK there isn't any. So this problem must be solved on the host platforms (database, operating system etc). To me this looks much like a wheel-reinventing... Bost -- You received this message because you are subscribed to the Google Groups "Clojure" group. To post to this group, send email to clojure@googlegroups.com Note that posts from new members are moderated - please be patient with your first post. To unsubscribe from this group, send email to clojure+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/clojure?hl=en