[wxPython-users] Re: changes in keycodes between 2.6 and 2.8
Karsten Hilbert
Karsten.Hilbert at gmx.net
Sun Dec 31 08:30:19 PST 2006
On Sat, Dec 30, 2006 at 10:24:41AM +0100, Werner F. Bruhin wrote:
> >Using eval() where getattr() would work is generally seen to be poor
> >form. FYI.
> >
> Thanks for eval(), this is much nicer. Still curious so, why getattr()
> is considered poor form?
I think it's the other way round. Using eval() is considered
poor form if getattr() would be sufficient.
eval() tries to *run* the string passed to it as code which
can be a huge security risk.
getattr() does just that, getting attributes and is way
harder to exploit if at all.
Karsten
--
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD 4537 78B9 A9F9 E407 1346
More information about the wxpython-users
mailing list