On Nov 30, 10:05 am, "Martin Blume" <[EMAIL PROTECTED]> wrote:
> "Bruno Desthuilliers" schrieb
>
>
>
> > >> I have a file that might contain literal python
> > >> variable statements at every line. For example
> > >> the file info.dat looks like this:
> > >> users = ["Bob", "Jane"]
> > >> status = {1:"ok",2:users[0]}
> > >> the problem is I want to read this file and load
> > >> whatever variables written in it as normal python
> > >> variable statements so that when i read the file,
> > >> my users var will be ["Bob","Jane"] and my status
> > >> var will be {1:"ok",2:users[0]} .
> > >> Is there an easy way of doing this instead of
> > >> parsing the files and checking said types?
>
> > > You might want to look at the eval, exec and execfile;
>
> > Or just import...
>
> > > but bear in in mind Paddy's warning about security.
>
> > +10
>
> If I have understood python naming scoping correctly,
> doing
> my_var="hello"
> import stuff
> print my_var
> is not the same as
> my_var="hello"
> exec open("stuff.py").read()
> print my_var
> with stuff.py containing
> my_var="bye"
It's not the same...
from stuff import *
...is.
> I use this exec open("stuff.py").read() mechanism to set
> values in my scripts: the script sets a useful default,
> a command-line argument in the form a valid python program
> may override it. Why bother with inventing or using another
> mechanism when this is perfectly simple, easy and self-explaining?
>
> The one and only thing against it is that a malicious user
> can sneak in an os.system("cd / && rm -rf *").
>
> IMHO. YMMV.
> Martin
Regards,
Jordan
--
http://mail.python.org/mailman/listinfo/python-list
