Hi Jim, On 5/25/07, Jim Jewett <[EMAIL PROTECTED]> wrote: > It isn't strictly security; when I've been burned by cut-and-paste > that turned out to be an unexpected character, it didn't cause damage, > but it did take me a long time to debug.
Can you give a longer explanation because I don't understand what is the issue. Is it like the issue with confusing 0 and O ? You seemingly already have an experience with using something that is now not legal in Python. Was it in Java or .NET world? > For most people, the appearance of a Greek or Japanese (let alone > both) character would be more likely to indicate a typo. If you know > that your project is using both languages, then just allow both; the > point is that you have made an explicit decision to do so. You are missing one of my main points but it is maybe not a very strong point (the earlier email was maybe throwing away too many ideas at a time... i guess japanese sake lasts longer in the mouth :) ) * Python is dynamic (you can have a e.g. pygtk user interface which enables you to load at runtime a new .py file even to use a text view to type in a mini-script that will do something specific in your application domain): you never know what will get loaded next * Python is embeddable: and often it is to bring the power of python to less sophisticated users. You can imagine having a global system deployed all around the world by a global company enabling each user in each subsidiary to create their own extension scripts. * There is a runtime cost for checking: the speed vs. security tradeoff (for a security benefit that is still very much hypothetical in the face of the experience of Java and .NET people) should be born by the paranoid people (who are ALREADY accustomed to losing CPU cycles to RSBAC security systems). * In real life, you won't see much python programs that are not written in your script. If you are really paranoid to see evil chars take over your python src dir though, a -pedantic option as pointed out earlier should take care of all your worries. cheers, G _______________________________________________ Python-3000 mailing list Python-3000@python.org http://mail.python.org/mailman/listinfo/python-3000 Unsubscribe: http://mail.python.org/mailman/options/python-3000/archive%40mail-archive.com
