execute Python code stored in a string. This is a potential security hole of great dimensions. If you execute a string where parts of the contents have been supplied by a user, you have little or no control over what code you are executing. This is especially dangerous in network applications, such as Common Gateway Interface (CGI) scripts, which you will learn about in Chapter 15.
- 5. Conditionals, Loops, and Some Other Statements
- from Beginning Python: From Novice to Professional, 3rd Edition
- Publisher: Apress
- Released: March 2017
code and data (especially user generated) must be strictly seperated for security.
Share this highlighthttp://www.safaribooksonline.com/a/beginning-python-from/12262973/