[PyGreSQL] Patch to add read support for integer arrays
Daryl Tester
dt-pygresql at handcraftedcomputers.com.au
Sat Mar 22 01:04:51 EDT 2008
Christopher Sean Hilton wrote:
> On the whole I'm not sure if that's the correct
> approach. Still though, eval()'s a dangerous function that I go out of
> my way to avoid in regular practice. I know I can only hope that the
> libraries and modules that I use have the same respect for it.
"They" marked the pickle library as unsafe because of its use of eval
(which made me a sad panda, as I throw pickles around on the network
with gay abandon - doesn't stop me from doing it though). But yes,
anything passing through eval is eventually going to wind up as a
posting on the Bugtraq security mailing list.
--
Regards,
Daryl Tester
"We are sexy, sexy Von Neumann machines." -- http://www.xkcd.org/387/
More information about the PyGreSQL
mailing list