Jal-Tarang, and a musical alarm clock in Python
Vasudev Ram’s blog on software innovation, open-source and proprietary, worldwide. Python, D, Go, FreePascal, Unix, databases, open source.
This should have been obvious to me for a longer time, but until earlier today I did not really realize the severity of the issues caused by str.format on untrusted user input. It came up as a way to bypass the Jinja2 Sandbox in a way that would permit r...Read more »