Message 275229 - Python tracker

Message275229

Author	vinay.sajip
Recipients	Arfrever, christian.heimes, ncoghlan, python-dev, vinay.sajip
Date	2016-09-09.01:05:33
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1473383134.4.0.271263638893.issue15452@psf.upfronthosting.co.za>
In-reply-to

Content
> Can this ticket be closed? I suppose so - I didn't implement the addition of lookup_eval() to the ast module as I thought it might be a slight overkill. Given that the calls to eval() from fileConfig() have been there from when logging was added to the stdlib, and as this ticket has been quiet since 2012, I suppose there's no real concern about the eval() being a security issue. If there is such a concern, then my proposal to add lookup_eval() to the ast module should be considered (it didn't get any review comments when I proposed it).

Content

> Can this ticket be closed?

I suppose so - I didn't implement the addition of lookup_eval() to the ast module as I thought it might be a slight overkill. Given that the calls to eval() from fileConfig() have been there from when logging was added to the stdlib, and as this ticket has been quiet since 2012, I suppose there's no real concern about the eval() being a security issue. If there is such a concern, then my proposal to add lookup_eval() to the ast module should be considered (it didn't get any review comments when I proposed it).

History
Date	User	Action	Args
2016-09-09 01:05:34	vinay.sajip	set	recipients: + vinay.sajip, ncoghlan, christian.heimes, Arfrever, python-dev
2016-09-09 01:05:34	vinay.sajip	set	messageid: <1473383134.4.0.271263638893.issue15452@psf.upfronthosting.co.za>
2016-09-09 01:05:34	vinay.sajip	link	issue15452 messages
2016-09-09 01:05:33	vinay.sajip	create