What's so wrong about execfile?
Sammo
sammo2828 at gmail.com
Fri Feb 27 22:21:53 EST 2009
Given that execfile has been removed in py3k, I want to understand
exactly why.
Okay, I get that execfile is bad from the following thread:
On Jul 29 2007, 2:39 pm, Steven D'Aprano
<st... at REMOVE.THIS.cybersource.com.au> wrote:
> (1) Don't use eval, exec or execfile.
>
> (2) If you're an expert, don't use eval, exec or execfile.
>
> (3) If you're an expert, and are fully aware of the security risks, don't
> use eval, exec or execfile.
>
> (4) If you're an expert, and are fully aware of the security risks, and
> have a task that can only be solved by using eval, exec or execfile, find
> another solution.
>
> (5) If there really is no other solution, you haven't looked hard enough.
>
> (6) If you've looked REALLY hard, and can't find another solution, AND
> you're an expert and are fully aware of the security risks, THEN you can
> think about using eval, exec or execfile.
What are some of the reasons why execfile should not be used?
What are some examples of cases where execfile is the correct way of
doing something?
More information about the Python-list
mailing list