The ast module in 2.6 has something... On Thu, Oct 9, 2008 at 1:34 AM, Warren DeLano <[EMAIL PROTECTED]> wrote: > > I would like to parse arbitrary insecure text string containing nested > Python data structures in eval-compatible form: > > # For example, given a "config.txt" such as: > > { > 'my_atom' : 1.20, > 'my_dict' : { 2:50 , 'hi':'mom'}, > 'my_list' : [ (1,2,3), [4.5,6.9], 'foo', 0 ] > } > > # I would like to do something like this: > > empty_space = {'__builtins__' : {}} > > try: > config = eval(open("config.txt").read(), empty_space, empty_space) > except: > config = {} > > print config > > # But I know for certain that the above approach is NOT secure since > object attributes can still be accessed... > > So is there an equally convenient yet secure alternative available for > parsing strings containing Python data structure definitions? > > Thanks in advance for any pointers! > > Cheers, > Warren > > > -- > http://mail.python.org/mailman/listinfo/python-list >
-- [EMAIL PROTECTED] http://orestis.gr -- http://mail.python.org/mailman/listinfo/python-list