peter at engcorp.com
Mon Nov 28 00:44:05 CET 2005
Terry Hancock wrote:
>>calad.sigilon at gmail.com wrote:
>>>One of these two ways you're not supposed to use for
>>>security reasons, but I'm spacing on which one.
> It's not a question of "security" in the usual sense, but
> the first syntax imports a lot of stuff into the current
> namespace, increasing the risk of unintentionally clobbering
> local names. So it's certainly "riskier" in the sense of
> "likely to cause bugs".
There's also the case where the names which are imported are not static.
That is, they are bound to certain objects at the time of the "import
*" but later on they can change. While this is perhaps a sign of design
problems in the imported module, the problem that results is that when
those names are rebound, modules which imported them with "*" still have
the old objects, not the new ones. Using "import module" and
referencing things with "module.name" doesn't suffer from the same
potential for problems (in addition to it being more readable etc).
More information about the Python-list