On Tuesday 30 May 2017 10:46:08 Ruben Safir wrote: > Using eval is an unacceptable security bug for all online and public > access programs that aquire data from external non-secured sources.
Eval is exception handling. It catch problems which could be security problem (like DOS attack) to correctly handle errors and recover. Correct and secure code, like in defensing programming, should handle *all* possible errors which could come from external modules or external sources and recover from error state. And tool for this is: eval.
