[Python-Dev] Improved evaluator added to ast module (original) (raw)
Georg Brandl g.brandl at gmx.net
Thu Oct 11 20:26:53 CEST 2012
- Previous message: [Python-Dev] Improved evaluator added to ast module
- Next message: [Python-Dev] [Python-checkins] cpython (merge 3.2 -> default): Merge 3.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Am 11.10.2012 20:13, schrieb Serhiy Storchaka:
On 11.10.12 19:06, Vinay Sajip wrote:
Function calls are not allowed in expressions, but the following are: Are properties allowed?
Yes, since attribute access also means properties.
This doesn't have to be a problem, since the objects on which you can access properties are not controlled by the user.
I'm not sure if you can get at "dangerous" objects, such as sys.modules, via attribute and item access chains if the accessible objects are of built-in types, but the case is very difficult to decide in practice for objects of user-supplied classes.
Georg
- Previous message: [Python-Dev] Improved evaluator added to ast module
- Next message: [Python-Dev] [Python-checkins] cpython (merge 3.2 -> default): Merge 3.2
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]