[Python-Dev] Impact of Namedtuple on startup time (original) (raw)
Nathaniel Smith njs at pobox.com
Mon Jul 17 22:25:27 EDT 2017
- Previous message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Next message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Jul 17, 2017 5:28 PM, "Steven D'Aprano" <steve at pearwood.info> wrote:
On Mon, Jul 17, 2017 at 09:31:20PM +0000, Brett Cannon wrote:
As for removing exec() as a goal, I'll back up Christian's point and the one Steve made at the language summit that removing the use of exec() from the critical path in Python is a laudable goal from a security perspective.
I'm sorry, I don't understand this point. What do you mean by "critical path"?
Is the intention to remove exec from builtins? From the entire language? If not, how does its use in namedtuple introduce a security problem?
I think the intention is to allow users with a certain kind of security requirement to opt in to a restricted version of the language that doesn't support exec. This is difficult if the stdlib is calling exec all over the place. But nobody is suggesting to change the language in regular usage, just provide another option.
-n -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20170717/e5d2cdec/attachment.html>
- Previous message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Next message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]