When to use input()?

Gerrit Holl gerrit.holl at pobox.com
Thu Dec 23 15:54:14 EST 1999


Justin Sheehy wrote:
> Gerrit Holl <gerrit.holl at pobox.com> writes:
> 
> > Can someone tell me a situation to use input()?
> > Is it possible to run it in a rexec environment? If not, input() isn't
> > only useless, but also unsafe.
> > I think input() is bad because you pass the user's input to eval() directly,
> > so the user can do __import__('os').system('sh'). That can't be what
> > you want.
> 
> Unless, of course, it is what you want.

Why should it be? The only situation I can think of where it is what
you want, is when writing a Python interpreter. Like idle does.
When you actually *want* eval(raw_input()).

> There are plenty of situations where this isn't dangerous at all.  In
> the case of a user manually executing a non-suid script, for instance,
> they can't do anything as a result of input() that they couldn't do on
> their own anyway.

Okay, non-dangerous, but it can lead to very unexpected results.

> However, there are plenty of situations where input() is convenient,
> useful and safe.

Convenient? I can't think of a situation where it's convenient,
except when writing a Python shell. Can you give another example?
Useful? When? Only for arbitrary Python commands. And that's
almost never. I think it's the least used builtin function.
Safe, ok. 

regards,
Gerrit.
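
The behaviour discussed in this thread, as an added example that is not part of the original message: it is written for Python 3, where input() returns the raw string as raw_input() did, and it puts the old eval-based semantics beside a literal-only parser built on ast.literal_eval. The function names and sample lines are constructed for illustration.

```python
import ast

def py2_input(line):
    """Python 2's input() semantics: eval() applied to the typed line."""
    return eval(line)  # any expression runs, including __import__(...) calls

def literal_input(line):
    """Accept only literals: numbers, strings, bytes, tuples, lists,
    dicts, sets, booleans and None. Names, calls and attribute access
    are rejected before anything is executed."""
    try:
        return ast.literal_eval(line.strip())
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError) as exc:
        raise ValueError("rejected input %r: %s" % (line, exc)) from None

# Constructed sample lines, as a user might type them at a prompt.
SAMPLES = [
    "42",
    "[1, 2, 3]",
    "{'host': 'example', 'port': 8080}",
    "2 ** 10",                          # an expression, not a literal
    "__import__('os').system('sh')",    # the expression quoted in the thread
]

def triage(lines):
    """Return (line, accepted, value) for each line, using literal_input only."""
    results = []
    for line in lines:
        try:
            results.append((line, True, literal_input(line)))
        except ValueError:
            results.append((line, False, None))
    return results

if __name__ == "__main__":
    # Harmless proof that eval() performs imports on the user's behalf.
    print("eval-based:", repr(py2_input("__import__('os').name")))
    for line, ok, value in triage(SAMPLES):
        print("%-34s %s" % (line, repr(value) if ok else "REJECTED"))
```

The literal parser still lets a user enter lists, dicts and numbers without the program parsing them by hand, which is the convenience argued for input(), while the call expression from the thread is refused at the syntax-tree level.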



