On Fri, Dec 9, 2011 at 10:59 PM, Steven D'Aprano <steve+comp.lang.pyt...@pearwood.info> wrote: > (4) If you think you can make exec safe with a prohibited list of > dangerous strings, you probably can't.
If you think that it's even _possible_ to make exec safe with a blacklist, I have a nice padded cell for you over here. Security is NEVER achieved with blacklists, ONLY whitelists. ChrisA -- http://mail.python.org/mailman/listinfo/python-list
