[Openmcl-devel] make-keyword
Tim Bradshaw
tfb at tfeb.org
Thu Oct 22 01:52:28 PDT 2009
On 22 Oct 2009, at 09:32, Taoufik Dachraoui wrote:
> I implemented make-keyword using read-from-string, how is this
> compared to using intern?
Don't use READ-FROM-STRING: it can do anything at all depending on
what is in the string. Think of it as an SQL injection attack, but
much worse.
--tim
(For others on the list: I know about suppressing the read-time eval
stuff, which makes this a little better.)
More information about the Openmcl-devel
mailing list