Paul Winkler wrote:
On Sun, Nov 21, 2004 at 02:36:36PM -0800, David Siedband wrote:
I was thinking eval() combined with some sort of checking to make sure that the string being evaluated is in fact a valid dictionary... Seems like pickling is a more secure way to store dictionaries.
yeah, eval() should really be avoided unless you have some way to guarantee that the string you feed it cannot contain anything malicious.
Malicious pickles (now *there's* a band name) can be problematic, too, but the effort to create one is much higher than to create Python code. Tres. -- =============================================================== Tres Seaver tseaver@zope.com Zope Corporation "Zope Dealers" http://www.zope.com