Michael Torrie <torriem <at> gmail.com> writes: > It's not possible to setuid a python script, so I don't see how execfile > or exec is any more dangerous than the user creating a shell script that > rm -rf * things, and then running it. > > Bash "exec's" scripts all the time that users create and provide. How > is this different and what issues did you have in mind, exactly? >
This is close to my reasoning too, although I appreciate Dave's concern. -- http://mail.python.org/mailman/listinfo/python-list
