On Fri, Jul 12, 2019 at 4:37 AM Terry Reedy <tjre...@udel.edu> wrote:
>
> On 7/11/2019 12:51 AM, Aldwin Pollefeyt wrote:
> > dinner = {'Starters':['Fried Calamari', 'Potted crab'],'Main
> > Course':['Fish', 'Meat'], 'Desert':['Cake', 'Banana Split']}
> >
> > # Don't ask where I got the dinner from
> >
> > for meal in dinner.keys():
> > exec(meal.replace(' ','_') + ' = list(dinner[meal])')
>
> If dinner came from an untrusted source, and the OP does not say
> differently, this would be a stupid thing to do.
>
Yes, but if your dinner came from an untrusted source, you have bigger
problems than remote code execution exploits.
But exec is a bad idea even without security concerns. Python has FAR
better metaprogramming features (mutating globals() comes to mind
here) - but even that's probably not necessary. Needs more info from
the OP.
ChrisA
--
https://mail.python.org/mailman/listinfo/python-list
