On Mon, Feb 25, 2013 at 4:53 PM, Stefan Krastanov <krastanov.ste...@gmail.com> wrote: > concerning the prime notation: lambdify works by printing out your > code, changing some imports and some names and then feeding it to > "eval". All of it is just string operations. Not only it will choke on > quotes, it can cause security holes if you hide malicious code in the > name of the symbol.
Can we fix this by limiting what eval has access to during this part of the operation? (i.e. giving it a safe sandbox)? -- You received this message because you are subscribed to the Google Groups "sympy" group. To unsubscribe from this group and stop receiving emails from it, send an email to sympy+unsubscr...@googlegroups.com. To post to this group, send email to sympy@googlegroups.com. Visit this group at http://groups.google.com/group/sympy?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
