Eval function try to execute and interpret the string (argument) passed to it as python code. x=1 print (eval ('x+1')) Output of the above code will be 2. The disadvantage of such approach is that ,user get independence of writing code which can result in havoc conditions.Though you can restrict users from accessing many variables and methods by passing global and local parameter in eval function.
After reading the Bash man pages and with respect to this post, I am still having trouble understanding what exactly the eval command does and which would be its typical uses. For example, if we do...
The 'eval' command in Bash and its typical uses - Stack Overflow
The eval function is a powerful and easy way to dynamically generate code, so what are the caveats?
E.g., if number1 is 10, oper is +, and number2 is 20, then this makes the string '10+20', which is passed to the eval function and evaluated as 10+20. Then the evaluated value is stored in the variable result.
That is (1,eval) is an expression that yields eval (just as say, (true && eval) or (0 ? 0 : eval) would), but it's not a reference to eval. Why do you care? Well, the Ecma spec considers a reference to eval to be a "direct eval call", but an expression that merely yields eval to be an indirect one -- and indirect eval calls are guaranteed to execute in global scope. Things I still don't know ...
To the point, let's look at the dangers in the use of eval (). There are probably many small hidden dangers just like everything else, but the two big risks - the reason why eval () is considered evil - are performance and code injection. Performance - eval () runs the interpreter/compiler.