-
Notifications
You must be signed in to change notification settings - Fork 0
exec & eval
exec and eval have a bit of a reputation. It's possible to abuse them and
introduce security flaws. However, according to Raymond Hettinger himself,
"there is nothing unholy about using exec [1]," and I would assume the same
applies to eval (Hettinger used exec to implement the stdlib's namedtuple).
In our case, exec and eval are the simplest and most user frieldly way
to inject user setup code into the process. Moreover, these are only called
once, when the program spins up. That is to say, a malicous actor must
compromise the environment and startup process to inject bad code via these
exec/ eval calls, and if they can do that, you've got a much bigger problem
on your hands.
Please reach out if I've misjudged any risk or have input on alternatives!