Python security - trouble with input
The danger of Python's input function - also known as giving away your secrets to your user.
If you're writing a Python program and asking your user for input, you should always use the raw_input function and never input. Why? Because whatever you type in response to input is evaluated as a Python expression and the result is saved into your target variable ... so not only does input assume that your user knows Python syntax, but it also opens some great little security holes.
Look at this program.
Something = "your toes"
Secret = "I have ten of them"
value = input("Please enter your age ")   # Python 2: evaluates whatever the user types as an expression
print "You are",value,
print "and you have a secret about",Something
And look how easy it is to find out all the variables that are used in the program, and their contents:
earth-wind-and-fire$ python dain
Please enter your age dir()
You are ['Secret', 'Something', '__builtins__', '__doc__', '__file__', '__name__'] and you have a secret about your toes
earth-wind-and-fire:$ python dain
Please enter your age Secret
You are I have ten of them and you have a secret about your toes
earth-wind-and-fire:$
First run ... find out what all the defined variables are called. Second run ... start reading those variables. Ouch! (written 2006-11-30)
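The fix is to treat the reply as data, not as code. In Python 2 that means raw_input followed by your own conversion (input(prompt) there is the same as eval(raw_input(prompt))); in Python 3 the old input was dropped and the function called input returns the raw string, so the same pattern applies. The following is an added example, not code from the original post: it is the page's program rewritten for Python 3 so that "dir()" or "Secret" typed at the prompt is rejected instead of being evaluated. The helper names parse_age, parse_literal and describe are my own choice; the age range check is an assumption about what a sensible program would accept.

```python
import ast

# Same two variables as the program on the page.
Something = "your toes"
Secret = "I have ten of them"


def parse_age(text):
    """Turn the user's reply into an int, or raise ValueError.

    The reply is never evaluated as Python, so typing 'dir()' or 'Secret'
    cannot reach the program's variables; it is simply not a number.
    """
    text = text.strip()
    if not text.isdigit():
        raise ValueError("age must be a whole number, got %r" % text)
    age = int(text)
    # Assumed sanity range; adjust to the application's needs.
    if not 0 <= age <= 150:
        raise ValueError("age out of range: %d" % age)
    return age


def parse_literal(text):
    """For the rare case where a program genuinely wants a Python literal
    (a number, a list, a dict ...) from the user.

    ast.literal_eval parses literals only: names, attribute access and
    calls raise ValueError, which is what eval() and Python 2's input()
    failed to do.
    """
    return ast.literal_eval(text)


def describe(reply):
    """Produce the line the page's program prints, with the reply treated
    as data rather than as an expression."""
    age = parse_age(reply)
    return "You are %d and you have a secret about %s" % (age, Something)


if __name__ == "__main__":
    # Python 3's input() returns the raw string, like Python 2's raw_input().
    try:
        print(describe(input("Please enter your age ")))
    except ValueError as err:
        print("Sorry:", err)
```

With this version the two runs shown above print "Sorry: age must be a whole number" instead of the variable list and the secret, because nothing the user types is ever handed to the interpreter.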
This is a page archived from The Horse's Mouth at
http://www.wellho.net/horse/ -
the diary and writings of Graham Ellis.