On Mon, 14 Jan 2002, Jason Orendorff wrote: > > But just in case I'm seeing it all wrong: could you explain > > to me how PEP 215 *doesn't* have the potential of introducing > > a security hole ? > > Gladly. > > Every $-string can be converted to equivalent code that uses only: > > a) whatever code the programmer explicitly typed > in the $-string; > b) str() or unicode(); and > c) the + operator applied to strings. > But the examples in PEP 215 don't follow those restrictions. That may be the source of the confusion. Maybe someone should revise the PEP for consistency before it's considered further. -- Steve.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4