python is basically a vulnerability factory, who thought it was a good idea to have eval() and exec() just chillin in the standard lib?