Isn't the problem with eval that you are running whatever is in the var? Probabl... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

jethro_tell on May 1, 2023 | parent | context | favorite | on: Pure Sh Bible

Isn't the problem with eval that you are running whatever is in the var? Probably variable expansion but maybe not and that could be not ideal

throwawaaarrgh on May 1, 2023 [–]

Programmers do that without realizing it all the time. There's like five classes of exploits that are just programmers assuming whatever variable they are interpolating is safe because they assume their language handles all security problems for them.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact