Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Object-Oriented Python

You're reading from   Mastering Object-Oriented Python Build powerful applications with reusable code using OOP design patterns and Python 3.7

Arrow left icon
Product type Paperback
Published in Jun 2019
Publisher Packt
ISBN-13 9781789531367
Length 770 pages
Edition 2nd Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Steven F. Lott Steven F. Lott
Author Profile Icon Steven F. Lott
Steven F. Lott
Arrow right icon
View More author details
Toc

Table of Contents (25) Chapters Close

Preface 1. Section 1: Tighter Integration Via Special Methods FREE CHAPTER
2. Preliminaries, Tools, and Techniques 3. The __init__() Method 4. Integrating Seamlessly - Basic Special Methods 5. Attribute Access, Properties, and Descriptors 6. The ABCs of Consistent Design 7. Using Callables and Contexts 8. Creating Containers and Collections 9. Creating Numbers 10. Decorators and Mixins - Cross-Cutting Aspects 11. Section 2: Object Serialization and Persistence
12. Serializing and Saving - JSON, YAML, Pickle, CSV, and XML 13. Storing and Retrieving Objects via Shelve 14. Storing and Retrieving Objects via SQLite 15. Transmitting and Sharing Objects 16. Configuration Files and Persistence 17. Section 3: Object-Oriented Testing and Debugging
18. Design Principles and Patterns 19. The Logging and Warning Modules 20. Designing for Testability 21. Coping with the Command Line 22. Module and Package Design 23. Quality and Documentation 24. Other Books You May Enjoy

Why exec() is a non-problem

The previous section discussed eval(); the same considerations also apply to exec().

Generally, the set of available globals() is tightly controlled. Access to the os and subprocess modules, or the __import__() function, can be eliminated by removing them from the globals provided to exec().

If you have an evil programmer who will cleverly corrupt the configuration files, then recall that they have complete access to the entire Python source. So, why would they waste time cleverly tweaking configuration files when they can just change the application code itself?

One question can be summarized like this: What if someone thinks they can monkey patch the application by forcing new code in via the configuration file? The person trying this is just as likely to break the application through a number of other equally clever or deranged channels. Avoiding...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image