Skip to content Skip to sidebar Skip to footer
Home / Eval / Parsing / Python / Security

Using Ast And Whitelists To Make Python's Eval() Safe?

Post a Comment
OK. I know the experts have spoken and you should not ever use python's eval() on untrusted data, ever. I'm not smarter than the rest of the world, and shouldn't even try this. But

Solution 1:

Zope has a thing called RestrictedPython, you may want to check it, at least to validate your approach or possibly reuse their code. It is configurable and re-usable.

Here's my other answer to a similar question.

Solution 2:

Try asteval, seems like the thing you need. Otherwise there is this safe eval

Post a Comment for "Using Ast And Whitelists To Make Python's Eval() Safe?"