"bob gailer" <[EMAIL PROTECTED]> wrote > modname = raw_input() > exec "import " + modname > > That can be a security risk, in that a use could > enter "time; import os; os.rmdir('some_valuable_directory')"
Even more risky is the fact that modules can contain executable code that is run when the module is imported. If someone wrote such a module they would only need to type the filename and the exec would result in the rogue code being executed. If the rogue code had the same name as a standard module it would be extremely hard to detect. All of which are good reasons for not doing this unless you intend to build an IDE or somesuch - and even then there are better solutions! HTH, -- Alan Gauld Author of the Learn to Program web site http://www.freenetpages.co.uk/hp/alan.gauld _______________________________________________ Tutor maillist - Tutor@python.org http://mail.python.org/mailman/listinfo/tutor