Ian Bicking: the old part of his blog

What not to do

Couple of years ago I was trying to understand Tomcat, and got stuck with its security model. To the best of my grasp of the core code, Tomcat was using an XML parser and introspection against the JVM to treat a configuration file like a script. Byzantine.

Comment on Introspecting expressions in py3k
by Chris Smith