On Thu, Jul 24, 2014 at 10:11:41AM +0000, Allahondoum Mbaibarem wrote: > I'm new at python and I would like to have knowledge about the Security and > the Reliability factor of Python thank you.
Python is very reliable. The language has been around for over 20 years, and is in use in tens of thousands if not more sites. Python is actively maintained, so when problems are reported, they are dealt with promptly. But of course it is a programming language, which means the reliablity of code you write depends on *your* skill at programming. If you write buggy code, Python cannot save you from your own errors. However, unlike low-level languages like C, you should not be able to cause a core dump or operating-system crash from Python code. (If you ever do find one of those, except for the ctypes module which is special, it is a bug in Python and should be reported immediately. But you won't: I've been using Python for over 15 years and have never managed to cause a core dump from Python code.) Likewise, in Python you cannot have dangling pointer errors, buffer overflows, or any of those similar critical errors which lead to security failures. The worst you can have is an uncaught exception, which causes the Python process to write a traceback to standard error and exit. Python is only as secure as the code *you* write. If you write code where you accept text from untrusted people over the Internet and then execute it as code using eval() or exec(), then your code is vulnerable to code injection attacks. The solution to this is simple: don't use eval() or exec() on untrusted data. There is hardly ever a need to use eval() or exec() in your own code. In 15 years, I've only used them a handful of times, and then mostly for experiments. -- Steven _______________________________________________ Tutor maillist - [email protected] To unsubscribe or change subscription options: https://mail.python.org/mailman/listinfo/tutor
