security - Possible malfunction - Python -
is possible potential user make statement true?
secret = 25134231 z = ast.literal_eval(user_input) if z == secret: access.granted()
edited more answer question... think you're getting @ making function calls user input (among other things) through literal_eval()
, , answer no, cannot done. literal_eval()
designed protect against type of input.
for contrast see below. user type access_granted()
, function run same if user typed 24134231
.
import ast def access_granted(): print 'yay' while true: secret = 25134231 user_input = raw_input('in: ') z = eval(user_input) if z == secret: access_granted()
example:
in: access_granted() yay in: 'foo' in: 25134231 yay
Comments
Post a Comment