On Apr 1, 10:29 pm, pbreit <pbreitenb...@gmail.com> wrote: > Python programmers should definitely be careful about the use of > exec but Massimo has made a very conscientious decision to use it.
I think the primary concern with the use of exec() is the danger of arbitrary code execution, because that immediately raises security concerns. However, in the way that web2py uses exec(), the code being executed is not arbitrary, and code injection is not possible because everything entered by users through the framework is sanitized.
