[Tutor] exec vs. eval

Thu, 28 Jun 2001 17:54:42 +0800

Hi folks,

In an attempt to emulate my graphics calculator, I've started by creating a
function program. Just for background info, it works by specifying a list of
functions (or just one). Code is at the end of the email.

eg. dfunc(['y=x+1'])
eg. dfunc(['x=0'])

However at the moment, the code isn't very secure...it uses the exec()
function. As an example of how this could be utilised (and this is a very
mild example):

dfunc(['import sys','sys.exit()'])
#this will exit the interpreter

Should I be using the RExec module to fix this, or is there an easier
approach?

TIA, Andrew

###################################

def dfunc(funcs,xrange=[0,100,1]):
  values={}
  for n in range(xrange[0],xrange[1],xrange[2]):
    x=y=n
    for func in funcs: exec(func)
    values[x]=y
    return values