funkyj wrote: > I'm interested in the same sort of config file issues. > > Unfortunately the restricted execution has fallen out of favor. My > preferred solution would be to have a configEval() function that is > just like the regular Python eval() but only accepts a subset of the > python language, e.g. creating the basic built in datatypes and > variable assignment and perhaps a short list of safe library functions: > > favoriteColors = [ 'red', 'blue', 'orange'] > props = {'fish': 7, 'cow': 'milk'} > # a comment > otherstuff = (props, favoritColors, 7) > > While currently I just write my config file in python and eval() it, > this sucks from a security standpoint (e.g. someone could replace the > config file with a python program that deletes my hard drive). Thanks > for the configObj suggestion, I'll look into that. > > making the config file XML and using xml.dom is another option, > although XML is a bit ugly to edit by hand.
On the cookbook there is a serialize and de-serialize function that works with the basic datatypes, but doesn't have the associated risks of using eval. ConfigObj is still a better solution IMHO. :-) All the best, Fuzzyman http://www.voidspace.org.uk/python/index.shtml > --jfc -- http://mail.python.org/mailman/listinfo/python-list