Peter Hansen wrote: > In the specific case in question, Kirk's first post gave little or no > hint about how much he knew about security issues and, by asking "why?", > with a single word Steven hoped to learn enough to say things like "oh, > there's a package designed to do that which you can just plug in" or > "oh, it's clear you are totally new to issues of network security and > are about to put your foot right in it, so here's some background to > save you from yourself", or whatever...
Heh heh. For what it's worth, I did have a perfectly good reason for trying to do what might otherwise be a suicidally insane idea. On the other hand, I've been re-evaluating my needs, and I'll probably be hardcoding the more important bits of code that I was going to store in the database (in that pulling these things from the database whenever I need to use them is remarkably slow compared to letting mod_python cache them, and these particular functions are unlikely to ever change). If I do need a way to have dynamic code in the database, I've added a thing that just reflects POST data back to the database-stored PSP document in which the form was found (if the form wants it to), letting the PSP document deal with it. That should be adequate. In short, I learned something about exec and namespaces that I'm not actually going to use. Hooray! -Kirk McDonald -- http://mail.python.org/mailman/listinfo/python-list
