Converting a hex string to a number
François Pinard
pinard at iro.umontreal.ca
Tue Jul 9 18:46:52 EDT 2002
More information about the Python-list mailing list
Tue Jul 9 18:46:52 EDT 2002
- Previous message (by thread): Converting a hex string to a number
- Next message (by thread): Converting a hex string to a number
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[Simon Foster] > >> eval! > >Overkill. Unsafe. Ugly. Lame. > What do you mean by unsafe? I agree that `eval' is a bit less safe, in that it could be abused more easily by people running your programs, if you do not fully trust these .people, like it especially occurs for your Web scripts, say! :-) You ought to take extra-precautions for having better control over `eval' arguments, making sure that no part is never blindly derived from sources which are external to your program, like files or environment variables. `eval' is also tinily slower, and has other problems: for example, the compiler will refuse that you nest scopes having free variables, whenever you use `eval'. You see: even the compiler is a bit suspicious about it! Best is to avoid `eval', `exec', `execfile' and `input' whenever you can. In really many cases, you will discover that you can easily and elegantly go without them, after only a few minutes of thinking. You can also ask for help on this mailing list if you find more difficult cases. Oh, undoubtedly and indeed, there are legitimate cases for using `eval' and friends. Of course. But deep down, these cases are infrequent. -- François Pinard http://www.iro.umontreal.ca/~pinard
- Previous message (by thread): Converting a hex string to a number
- Next message (by thread): Converting a hex string to a number
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Python-list mailing list