[Tutor] exec vs. eval
Andrew Wilkins
toodles@yifan.net
Thu, 28 Jun 2001 17:54:42 +0800
Hi folks,
In an attempt to emulate my graphics calculator, I've started by creating a
function program. Just for background info, it works by specifying a list of
functions (or just one). Code is at the end of the email.
eg. dfunc(['y=x+1'])
eg. dfunc(['x=0'])
However at the moment, the code isn't very secure...it uses the exec()
function. As an example of how this could be utilised (and this is a very
mild example):
dfunc(['import sys','sys.exit()'])
#this will exit the interpreter
Should I be using the RExec module to fix this, or is there an easier
approach?
TIA, Andrew
###################################
def dfunc(funcs,xrange=[0,100,1]):
values={}
for n in range(xrange[0],xrange[1],xrange[2]):
x=y=n
for func in funcs: exec(func)
values[x]=y
return values