Am 09.02.10 07:00, schrieb OdarR:
On 9 fév, 02:50, Jean-Michel Pichavant<jeanmic...@sequans.com> wrote:
Aahz wrote:
In article<0efe23a6-b16d-4f92-8bc0-12d056bf5...@z26g2000yqm.googlegroups.com>,
OdarR<olivier.da...@gmail.com> wrote:
and with eval(), did you try ?
WARNING: eval() is almost always the wrong answer to any question
Some say that eval is evil !
JM
go to hell ;-), it is part of the language, it seems to match the
aforementioned question.
And if the extension happens to be valid python-code, you might inject
code malus code through the filename. Great idea!
globals()["function_" + ext]()
is all you need, and doesn't suffer from that attack vector.
Diez
--
http://mail.python.org/mailman/listinfo/python-list
