On Mon, Jul 21, 2008 at 10:41 AM, A.M. Kuchling <[EMAIL PROTECTED]> wrote: > On Mon, Jul 21, 2008 at 03:53:18PM +0000, Antoine Pitrou wrote: >> The underscore at the beginning of _sre clearly indicates that the module is >> not recommended for direct consumption, IMO. Even the functions that don't >> themselves start with an underscore... > > Sure, but if someone is trying to break in or DoS your application > server, they don't care if the module starts with an underscore or > not. > > To answer Victor's original question: the parser & compiler that turn > a regex into bytecode is written in Python. I can't think of a way to > prevent other Python modules from importing _sre or accessing the > compile() function; if nothing else, code could always do 'import re ; > re.sre_compile._sre.compile(...)'.
I've written a re-code verifier for the Google App Engine. I have permission to open source this, hopefully I will get to this before 2.6 beta 3. -- --Guido van Rossum (home page: http://www.python.org/~guido/) _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
