http://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html
Basically, even if you try to restrict access to any and all functions and classes, you can use lambda functions and introspection to get a huge amount of access.
The most fun example in the write-up is
().__class__.__bases__[0].__subclasses__()
This gives a list of all classes instantiated to that point in the program.
No comments:
Post a Comment