Mark Rowe <[EMAIL PROTECTED]> wrote in message news:<[EMAIL PROTECTED]>...
> On Mar 3, 2005, at 9:33 PM, Simon Wittber wrote:
>
> >> You mean like 'import'? :)
> >
> > That's how I would do it. It's the simplest thing, that works.
> >
> > exec("import %s as plugin" % pluginName)
> > plugin.someMethod()
> >
> > where pluginName is the name of the python file, minus the ".py"
> > extension.
>
> A better method would be something along the lines of:
>
> plugin = __import__(pluginName)
> plugin.someMethod()
>
> This avoids the potential security problem that `exec' poses as well as
> the need to parse + interpret the string.
>
What happens if you have:
.def someMethod():
. import os
. rm * # or whatever other evil thing you might thing of
Andre
--
http://mail.python.org/mailman/listinfo/python-list
