Subject: Re: What makes different things lispy or unlispy?
From: (Rob Warnock)
Date: Thu, 25 Jun 2009 21:36:49 -0500
Newsgroups: comp.lang.lisp
Message-ID: <>
Pascal J. Bourguignon <> wrote:
| The problem with strings is that you're in danger of code injection.
| Assume I write a macro (insert-index ".apples[" index "].taste") whose
| purpose is build a 'form' with the index evalualted and inserted.  If
| the index evaluates to a string such as "0];shell(\"rm -rf /\");x",
| instead of a number you may well generate:
|    ".apples[0];shell(\"rm -rf /\");x.taste" [*]

Ahhh yezzz... And let us never forget Little Bobby Tables:
    Exploits of a Mom


Rob Warnock			<>
627 26th Avenue			<URL:>
San Mateo, CA 94403		(650)572-2607