> I don't want to introduce insecurity. But also I want to really
> understand what the problem is -- especially because I teach python.
Hi Marilyn,

Here is an example of a string that can cause a StackOverflow error to happen:

###
s = "(lambda loop: loop(loop)) (lambda self: self(self))"
eval(s)
###

The string 's' here looks funky, but in effect, its definition is an infinite loop in heavy lambda disguise. (Well, it would have been infinite if Python had tail call optimization... *grin*)

The problem about eval() is that it's deceptively powerful: a single expression in a language might seem like a small thing. But as soon as we allow someone the ability to evaluate a single arbitrary expression, we've basically given them the ability to do practically anything in Python. eval() is THAT POWERFUL.

Here's another example:

###
def myint(x):
    """Makes an integer out of x."""
    return eval(x)

print(myint("41") + 1)
# The "integer" below is really an expression that runs a shell command.
print(myint("42 and __import__('os').system('tail /etc/passwd')"))
###

> And I can't see the security problem, unless there's a security problem
> already, like if I allowed incoming email to dictate the parameters that
> I send through the socket. The email provides data for argv[1:] but
> argv[0] is hard-coded.

The problem is one of capability. At worst, a function like:

###
import sys

def myint(x):
    return int(x)

if __name__ == '__main__':
    print(myint(sys.argv[1]) + 1)
###

can raise an exception if given weird command line arguments, but it at least doesn't give the caller the ability to run an arbitrary shell command. Contrast this situation to the version of myint() that uses eval().

Does this make sense? Please ask more questions on this if you have any: using eval() is almost certainly not a good idea unless you really know what you're doing.

_______________________________________________
Tutor maillist - [EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/tutor
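The reply above shows why eval() hands the caller far more capability than "parse a number". As an added example that is not part of the original post, here is the same contrast carried one step further: an evaluator that accepts a little integer arithmetic (so "2 + 3 * 4" still works) but walks the parsed AST and refuses anything that is not a literal or an arithmetic operator. The two strings quoted in the post are rejected at the ast.Call and ast.BoolOp nodes before any code runs. The function names safe_arith, myint and rejects are my own and not from the post or the Python standard library.

```python
import ast
import operator

# Added example (not from the original mailing-list post): a restricted
# arithmetic evaluator.  Only integer literals and a handful of operators
# are accepted; names, calls, lambdas, attribute access, boolean operators
# and strings are refused before anything executes.  Exponentiation is
# deliberately left out so "2 ** 10000000" cannot exhaust memory.
_BINARY_OPS = {
    ast.Add: operator.add,
    ast.Sub: operator.sub,
    ast.Mult: operator.mul,
    ast.FloorDiv: operator.floordiv,
    ast.Mod: operator.mod,
}
_UNARY_OPS = {
    ast.UAdd: operator.pos,
    ast.USub: operator.neg,
}


def safe_arith(text):
    """Evaluate a small integer-arithmetic expression without eval().

    Raises ValueError for anything that is not an int literal combined
    with + - * // % and unary +/-.  Because the check runs on the parsed
    syntax tree, a string such as "__import__('os').system(...)" is
    refused at the ast.Call node and never executed.
    """
    try:
        tree = ast.parse(text, mode="eval")
    except SyntaxError as exc:
        raise ValueError("not a valid expression: %r" % text) from exc
    return _eval_node(tree.body)


def _eval_node(node):
    # Integer literal (bool is a subclass of int, so exclude it explicitly).
    if (isinstance(node, ast.Constant)
            and isinstance(node.value, int)
            and not isinstance(node.value, bool)):
        return node.value
    # Binary arithmetic on two already-validated sub-expressions.
    if isinstance(node, ast.BinOp) and type(node.op) in _BINARY_OPS:
        left = _eval_node(node.left)
        right = _eval_node(node.right)
        if isinstance(node.op, (ast.FloorDiv, ast.Mod)) and right == 0:
            raise ValueError("division by zero")
        return _BINARY_OPS[type(node.op)](left, right)
    # Unary plus / minus.
    if isinstance(node, ast.UnaryOp) and type(node.op) in _UNARY_OPS:
        return _UNARY_OPS[type(node.op)](_eval_node(node.operand))
    # Everything else (Name, Call, Lambda, Attribute, BoolOp, Compare,
    # Subscript, string constants, ...) is a capability we do not grant.
    raise ValueError("disallowed syntax: %s" % type(node).__name__)


def myint(x):
    """Replacement for the eval()-based myint() from the post."""
    return safe_arith(x)


def rejects(text):
    """True if safe_arith refuses the input instead of running it."""
    try:
        safe_arith(text)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    print(myint("41") + 1)        # 42
    print(myint("2 + 3 * 4"))     # 14
    # The two strings from the post: refused, nothing runs.
    print(rejects("(lambda loop: loop(loop)) (lambda self: self(self))"))
    print(rejects("42 and __import__('os').system('tail /etc/passwd')"))
```

If all you ever need is a plain integer, int(x) (as in the last snippet of the post) is still the right tool; the AST walk above is for the case where a little arithmetic in the input is a genuine requirement and eval() looks tempting. Note that the allow-list is on node types, not on a blocklist of dangerous names, so new syntax is refused by default rather than accepted by accident.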