I'm finding my quest for a safe eval() quite frustrating :)

Any comments on this: Just forget about getting Python to do this and, instead, grab my set of values (from a user-supplied text file) and call an external program like 'bc' to do the dirty work. I think that this would prevent someone from embedding os.system("rm ...") in what I thought would be a math expression and having it maybe do damage? Perhaps I'm getting too paranoid in my old age.

I guess this would slow things down a bit, but that is not a big concern. Bigger concern would be that I'm not sure if 'bc' or whatever is guaranteed to be on platforms other than *nix. And if I want to be really paranoid, I could worry that someone had planted a bad 'bc' on the target.
--
http://mail.python.org/mailman/listinfo/python-list
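
An added example, not part of the original post: an in-process alternative to shelling out to 'bc' is to parse the expression with Python's `ast` module and evaluate only an allow-list of arithmetic nodes, so a line such as os.system("rm ...") is rejected instead of executed. The function name `safe_math_eval` and the three limits are assumptions chosen for illustration.

```python
import ast
import operator

# Allow-list of operators; every other AST node type is rejected.
BINOPS = {ast.Add: operator.add, ast.Sub: operator.sub, ast.Mult: operator.mul,
          ast.Div: operator.truediv, ast.Mod: operator.mod, ast.Pow: operator.pow}
UNARYOPS = {ast.UAdd: operator.pos, ast.USub: operator.neg}
MAX_LEN, MAX_EXPONENT, MAX_BITS = 200, 64, 4096  # assumed resource limits


def safe_math_eval(expr, variables=None):
    """Evaluate arithmetic from untrusted text; raise ValueError on anything else."""
    variables = variables or {}
    if len(expr) > MAX_LEN:
        raise ValueError("expression too long")
    try:
        tree = ast.parse(expr.strip(), mode="eval")  # parses only, runs nothing
    except SyntaxError as exc:
        raise ValueError("not an expression") from exc

    def walk(node):
        if isinstance(node, ast.Constant) and type(node.value) in (int, float):
            return node.value
        if isinstance(node, ast.Name) and node.id in variables:
            return variables[node.id]  # plain lookup in the caller's dict
        if isinstance(node, ast.UnaryOp) and type(node.op) in UNARYOPS:
            return UNARYOPS[type(node.op)](walk(node.operand))
        if isinstance(node, ast.BinOp) and type(node.op) in BINOPS:
            left, right = walk(node.left), walk(node.right)
            if isinstance(node.op, ast.Pow) and abs(right) > MAX_EXPONENT:
                raise ValueError("exponent too large")  # blocks 9**9**9
            try:
                result = BINOPS[type(node.op)](left, right)
            except (ZeroDivisionError, OverflowError) as exc:
                raise ValueError(str(exc)) from exc
            if not isinstance(result, (int, float)):
                raise ValueError("non-real result")
            if isinstance(result, int) and result.bit_length() > MAX_BITS:
                raise ValueError("result too large")
            return result
        # Call, Attribute, Subscript, Lambda, strings, ... all end up here.
        raise ValueError("disallowed syntax: " + type(node).__name__)

    return walk(tree.body)


if __name__ == "__main__":
    # Constructed sample lines standing in for the user-supplied text file.
    for line in ["2 * (x + 3) / 4", 'os.system("rm ...")', "9**9**9"]:
        try:
            print(line, "=>", safe_math_eval(line, {"x": 5}))
        except ValueError as err:
            print(line, "=> rejected:", err)
```

The values passed in `variables` are assumed to be plain numbers already validated by the caller.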
