On 5/1/07, Guido van Rossum <[EMAIL PROTECTED]> wrote:
> On 5/1/07, Jim Jewett <[EMAIL PROTECTED]> wrote:
> > There are some things you can safely do with even arbitrary objects --
> > such as appending them to a list.
> > By mentioning security as a reason to restrict the format, it suggests
> > that this is another safe context. It isn't.
> But your presumption that the map is already evil makes it irrelevant
> whether the format is safe or not. Having the evil map is the problem,
> not passing it to the format operation.
Using a map was probably misleading. Let me rephrase:
While the literal string itself is safe, the format function is only
as safe as the objects being formatted. The example below gets
person.name; if the person object itself is malicious, then even this
attribute access could run arbitrary code.
"My name is {0.name}".format(person)
-jJ
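As an added illustration of the point made above (example code, not from the thread), a constructed object records when its `name` property and `__format__` run, and a hypothetical `string.Formatter` subclass rejects attribute and index lookups in the template; the last case shows the limit of that restriction, since a plain `{0}` still runs the object's own `__format__`.

```python
import string


class Traced:
    """Constructed sample object: attribute access on it has a side effect."""

    def __init__(self):
        self.calls = []

    @property
    def name(self):
        self.calls.append("name")        # arbitrary code runs on attribute access
        return "Jim"

    def __format__(self, spec):
        self.calls.append("__format__")  # even a bare {0} runs this method
        return "Traced()"


def format_with_attr(obj):
    # The template is a safe literal; obj.name is what executes code.
    return "My name is {0.name}".format(obj)


def format_plain(obj):
    # No attribute chain, but format() still dispatches to obj.__format__.
    return "{0}".format(obj)


class NoLookupFormatter(string.Formatter):
    """Hypothetical formatter that refuses '.attr' and '[key]' in fields."""

    def get_field(self, field_name, args, kwargs):
        if "." in field_name or "[" in field_name:
            raise ValueError("attribute/index lookup not allowed: %r" % field_name)
        return super().get_field(field_name, args, kwargs)


def restricted_format(template, *args):
    # Blocks {0.name}, but the formatted object's own code still runs.
    return NoLookupFormatter().format(template, *args)
```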
_______________________________________________
Python-3000 mailing list
[email protected]
http://mail.python.org/mailman/listinfo/python-3000