Is numexpr safe again malicious attack?
I'm considering using it in a web application, to evaluate user input text.
Asked
Active
Viewed 358 times
7
-
I am also very curious about [numexpr](https://code.google.com/p/numexpr/) and [asteval](http://newville.github.io/asteval/)? Hasn't anyone an opinion or experience about these packages? There's no end to the [eval is dangerous](http://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html) talk. [SymPy](http://docs.sympy.org/dev/index.html) may also be susceptible to malicious attack. – Mark Mikofski Aug 07 '13 at 03:18