Pablo Galindo Salgado <pablog...@gmail.com> added the comment:

> The function literal_eval is not safe anymore as the constructor can be 
> intercepted:

Well, actually it can also be done with any other builtin via the same trick, 
so this is no different but is only slightly more obvious that it can be done.

I still find a bit weird that the documentation says "literal or container 
display" but 'set' is neither.

----------

_______________________________________
Python tracker <rep...@bugs.python.org>
<https://bugs.python.org/issue39158>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

Reply via email to