[Python-Dev] Impact of Namedtuple on startup time (original) (raw)
Brett Cannon brett at python.org
Tue Jul 18 18:00:44 EDT 2017
- Previous message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Next message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 17 Jul 2017 at 19:26 Nathaniel Smith <njs at pobox.com> wrote:
On Jul 17, 2017 5:28 PM, "Steven D'Aprano" <steve at pearwood.info> wrote:
On Mon, Jul 17, 2017 at 09:31:20PM +0000, Brett Cannon wrote: > As for removing exec() as a goal, I'll back up Christian's point and the > one Steve made at the language summit that removing the use of exec() from > the critical path in Python is a laudable goal from a security perspective. I'm sorry, I don't understand this point. What do you mean by "critical path"? Is the intention to remove exec from builtins? From the entire language? If not, how does its use in namedtuple introduce a security problem?
I think the intention is to allow users with a certain kind of security requirement to opt in to a restricted version of the language that doesn't support exec. This is difficult if the stdlib is calling exec all over the place. But nobody is suggesting to change the language in regular usage, just provide another option.
What Nathaniel said. :) -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20170718/ae227fe4/attachment-0001.html>
- Previous message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Next message (by thread): [Python-Dev] Impact of Namedtuple on startup time
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]