Paul Ganssle <p.gans...@gmail.com> added the comment:

> why the code is executed?
> I could do a library or a package and include evil code instead of a
> print...

The code is executed because the decorator syntax

    @decorator
    def f():
        ...

is equivalent to

    def f():
        ...

    f = decorator(f)

So you are indeed calling the `decorator` function.

It is true that you could put evil code in the decorator function, but it's 
also true that you can execute evil code directly in the Python function as 
well, e.g.:

    execute_evil_code()

    def f():
        ...

Importing such a package would call `execute_evil_code()`.

----------
nosy: +p-ganssle

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue37418>
_______________________________________
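
Added example (not part of the original message or of CPython): a static check that lists what would run when a module is imported, following the decorator equivalence described above, by parsing the source with `ast` instead of importing it. The sample module source is constructed, `hidden_call` and `setup` are hypothetical names, and `ast.unparse` needs Python 3.9 or later.

```python
import ast

# Constructed sample source for a hypothetical package module (never imported or run).
SAMPLE = '''
execute_evil_code()

def decorator(func):
    print("decorating", func.__name__)
    return func

@decorator
def f():
    hidden_call()

class C:
    setup()
    @decorator
    def m(self): ...
'''

def import_time_calls(source):
    """List (line, description) for code that runs when the module is imported.

    Over-approximates: branches such as `if __name__ == "__main__":` are included.
    """
    found = []

    def note_decorators(node):
        for dec in node.decorator_list:
            found.append((dec.lineno, f"decorator @{ast.unparse(dec)} on {node.name}"))

    def scan(node):
        if isinstance(node, ast.Lambda):
            return  # a lambda body runs only when the lambda is called
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            note_decorators(node)
            # Decorators and argument defaults are evaluated at definition time;
            # the function body is not, so it is skipped.
            defaults = node.args.defaults + [d for d in node.args.kw_defaults if d]
            for child in node.decorator_list + defaults:
                scan(child)
            return
        if isinstance(node, ast.ClassDef):
            note_decorators(node)  # the class body itself also runs at definition
        if isinstance(node, ast.Call):
            found.append((node.lineno, f"call {ast.unparse(node.func)}()"))
        for child in ast.iter_child_nodes(node):
            scan(child)

    scan(ast.parse(source))
    return sorted(found)
```

Calls inside function bodies (`print`, `hidden_call`) are not reported because they run only when the function is called, while the decorator applications and the class-body call are.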