Re: Pystone benchmark: Win vs. Linux (again)
Franco Fiorese [EMAIL PROTECTED] writes: * Windows XP Pro: 16566.7 pystones/second * Linux (kernel 2.6.9 NPTL): 12346.2 pystones/second I have repeated the test, on Linux, also with other distributions and kernel but a relevant difference still exists with Windows offering a better performance. Is there any way, that you know, to get better performance under Linux? I hate to say this but the Windows C compiler may be beating GCC in output code. Doing anything about it may require a lot of careful profiling and tuning. -- http://mail.python.org/mailman/listinfo/python-list
Re: Who should security issues be reported to?
Paul Rubin wrote: More significantly, any security problem is likely to be with a specific function or object that has been implemented in C. False; the Cookie module example we talked about was caused by an unforeseen interaction between pure Python modules (Cookie and pickle). Fair cop on the C thing, but that example otherwise illustrates my point perfectly. Unpickling untrusted data is just as dangerous as evaluating or executing untrusted data. This is *still* dangerous, because there *is no patch* to fix the problem. There are only documentation changes to highlight the security risks associated with unpickling, and Deprecation Warnings on the Cookie classes which use this unsafe feature. So, the only effective mechanism is to get the word out to Python *users* that the feature is unsafe, and should be used with care, which basically requires telling the world about the problem. Any time Python has a problem of this sort, there is going to be at least one solution, and only possibly two: 1. Avoid the feature that represents a security risk 2. Eliminate the security risk in a maintenance update. The first solution applies regardless of whether the security risk is inherent in Python's design or not. Some obvious examples (given above) relate to execution of untrusted code. The second solution applies only to bugs in the CPython implementation and extension modules. And often, tweaking the application's Python code to avoid the dangerous features is going to be faster (and safer) than changing over to a new Python version. By keeping the process public, and clearly identifying the problematic features, application developers can immediately start working on protecting themselves, in parallel with the CPython developers (possibly) working on a new maintenance release. To go with the 72 hours + 8 example you gave - what if you could work around the broken feature in 6? I suspect we'll have to agree to disagree on this point. Where we can agree is that I certainly wouldn't be unhappy if SF had a feature like Bugzilla's security flag. Regards, Nick. -- Nick Coghlan | [EMAIL PROTECTED] | Brisbane, Australia --- http://boredomandlaziness.skystorm.net -- http://mail.python.org/mailman/listinfo/python-list
Re: boa constructor mysql
Look at the wx demos. Another idea: Use a virtual list control. In the OnGetItemText() you could do the appropriate SQL query. Workedpretty well for me. HTH Franz GEIGER Michele [EMAIL PROTECTED] schrieb im Newsbeitrag news:[EMAIL PROTECTED] I've search a lot to found how visualize a mysql table in a gui (wxpython). I think to use wxgrid to visualize this table...but I don't know how... Anyone help me? Thanks a lot for the patience. Michele -- http://mail.python.org/mailman/listinfo/python-list
Re: what's OOP's jargons and complexities?
jacob navia [EMAIL PROTECTED] writes: Good post. First article that demistifies this OO centered approach in quite a long time. I have no idea whether it was good or not, but it was blatantly off-topic in at least comp.lang.c, and probably all the other newsgroups to which it was cross-posted. Jacob, please don't encourage this kind of newsgroup abuse. -- Keith Thompson (The_Other_Keith) [EMAIL PROTECTED] http://www.ghoti.net/~kst San Diego Supercomputer Center * http://users.sdsc.edu/~kst We must do something. This is something. Therefore, we must do this. -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
Nick Coghlan [EMAIL PROTECTED] wrote: Alex Martelli wrote: Steven Bethard [EMAIL PROTECTED] wrote: ... If I could see how to go from 'object' (or 'int', 'str', 'file', etc.) to 'eval' or '__import__', that would help out a lot... object.__subclasses__() ... Traipse through these, find one class that has an unbound method, get that unbound method's func_globals, bingo. So long as any Python modules are imported using the same restricted environment their func_globals won't contain eval() or __import__ either. Sure, as long as you don't need any standard library module using eval from Python (or can suitably restrict them or the eval they use), etc, you can patch up this specific vulnerability. And C methods don't have func_globals at all. Right, I used unbound method in the specific sense of instance of types.UnboundMethodType (bound ones or any Python-coded function you can get your paws on work just as well). However, we're talking about building a custom interpreter here, so there's no It didn't seem to me that Steven's question was so restricted; and since he thanked me for my answer (which of course is probably inapplicable to some custom interpreter that's not written yet) it appears to me that my interpretation of his question was correct, and my answer useful to him. reason not to simply find the dangerous functions at the C-level and replace their bodies with PyErr_SetString(PyExc_Exception, Access to this operation not allowed in restricted build); return NULL;. Then it doesn't matter *how* you get hold of file(), it still won't work. (I can hear the capabilities folks screaming already. . .) Completely removing Python-level access to anything dangerous might be a safer approach than trying to patch one access route after another, yes. Combine that with a pre-populated read-only sys.modules and a restricted custom interpreter would be quite doable. Execute it in a separate process and things should be fairly solid. If you _can_ execute (whatever) in a separate process, then an approach based on BSD's jail or equivalent features of other OS's may be able to give you all you need, without needing other restrictions to be coded in the interpreter (or whatever else you run in that process). Alex -- http://mail.python.org/mailman/listinfo/python-list
Re: Pystone benchmark: Win vs. Linux (again)
Paul Rubin http://[EMAIL PROTECTED] wrote: Franco Fiorese [EMAIL PROTECTED] writes: * Windows XP Pro: 16566.7 pystones/second * Linux (kernel 2.6.9 NPTL): 12346.2 pystones/second I have repeated the test, on Linux, also with other distributions and kernel but a relevant difference still exists with Windows offering a better performance. Is there any way, that you know, to get better performance under Linux? I hate to say this but the Windows C compiler may be beating GCC in output code. Doing anything about it may require a lot of careful profiling and tuning. ...or (just as hypothetically) purchasing some commercial compiler might help, under the assumption that the optimization and code generation of the compiler are the issues here. I have nothing but hearsay to go on, but IBM's compiler for PPC chips, and Intel's compiler for Intel chips, appear to claim that they have excellent code generation, for example. Alex -- http://mail.python.org/mailman/listinfo/python-list
Coding style article with interesting section on white space
Thought some folks here might find this one interesting. No great revelations, just a fairly sensible piece on writing readable code :) The whole article: http://www.acmqueue.com/modules.php?name=Contentpa=showpagepid=271page=1 The section specifically on white space: http://www.acmqueue.com/modules.php?name=Contentpa=showpagepid=271page=3 Cheers, Nick. -- Nick Coghlan | [EMAIL PROTECTED] | Brisbane, Australia --- http://boredomandlaziness.skystorm.net -- http://mail.python.org/mailman/listinfo/python-list
Re: Dynamic class methods misunderstanding
Bill Mill [EMAIL PROTECTED] wrote: ... class Test: def __init__(self, method): self.m = new.instancemethod(method, self, Test) Beautiful! thank you very much. Looking into the new module in python 2.4, that's equivalent to: self.m = type(self.__init__)(method, self, Test) Another approach with the same result is to exploit the fact that a function is a descriptor: self.m = method.__get__(self, Test) Alex -- http://mail.python.org/mailman/listinfo/python-list
Re: Installing Numeric with ATLAS and LAPACK
drife wrote: Could you clarify this please? Let's say that I want to make a call to the LAPACK routine sspevd, and pass it a matrix, and get the result. How do I accomplish this? I just had a quick look, and it seems that sspevd is NOT one of the already wrapped LAPACK functions. Try dir(scipy.linalg.flapack) and dir(scipy.linalg.clapack) to see what's been already wrapped. From what I understand, wrapping more of lapack is rather easy, it's just that nobody has committed the time to 100% coverage. But this question is much better posed on the scipy list, where the people who wrote the lapack wrapping code can give you a better answer (I didn't). Cheers, f -- http://mail.python.org/mailman/listinfo/python-list
Re: Who should security issues be reported to?
Nick Coghlan [EMAIL PROTECTED] writes: Fair cop on the C thing, but that example otherwise illustrates my point perfectly. I'm not sure what point you mean. Unpickling untrusted data is just as dangerous as evaluating or executing untrusted data. This is *still* dangerous, because there *is no patch* to fix the problem. Pickle is now documented as being unsafe for untrusted data. It's just like eval now. Nobody is going to make a patch for eval that makes it safe for untrusted data. It would be nice if there were a pickle alternative that's safe to use with untrusted data, but that's sort of a separate issue (see the marshal doc thread referenced earlier). There are only documentation changes to highlight the security risks associated with unpickling, and I would say that unpickle's feature set actually changed incompatibly, since (see analysis in the sf bug thread) unpickle was originally designed to be safe. Deprecation Warnings on the Cookie classes which use this unsafe feature. Yes, that means as soon as someone uses Cookie.Cookie, their application will throw a DeprecationWarning and they have to fix the error before the app can run. So, the only effective mechanism is to get the word out to Python *users* that the feature is unsafe, and should be used with care, which basically requires telling the world about the problem. That's true, but the problem still has to be analyzed and a recommendation formulated, which can take a little while. Any time Python has a problem of this sort, there is going to be at least one solution, and only possibly two: 1. Avoid the feature that represents a security risk 2. Eliminate the security risk in a maintenance update. You forgot 3. install a patch as soon as you become aware of the problem, without waiting for a maintenance update. By keeping the process public, and clearly identifying the problematic features, application developers can immediately start working on protecting themselves, in parallel with the CPython developers (possibly) working on a new maintenance release. The hope is that during the short period in which there's a confidential bug report in the system, the number of exploits in the wild won't change. Either attackers knew about the bug already and have exploits out before the bug is even reported, or they don't know about it yet. Either way, random application developers get the bug report at the same time as attackers. So the choices are that app developers get a raw bug report and have to figure out a solution while at the same time attackers who saw the same announcement are starting to launch new exploits, or else when the app developers get the bug report, they also get a bunch of analysis from the Python developers, which can help them decide what to do next. I think they benefit from the analysis, if they can get it. Keep in mind also that the submitters of the bug reports often don't see the full implications, that the app developers also might not see, but that attackers are likely to figure out instantly. So again, it helps if the Python developers can supply some analysis of their own. Finally, some reports of security bugs turn out to not really be bugs (I've submitted a few myself that have turned out that way). That kind of thing can panic an application developer into shutting down a service unnecessarily while figuring out what to do next, often at a cost of kilobucks or worse per minute of downtime, or maybe having some lesser fire drill to figure out that the problem is a non-problem. Better to let the Python developers explain the problem and close the bug before publishing it. To go with the 72 hours + 8 example you gave - what if you could work around the broken feature in 6? If 6 hours from seeing the raw bug report are enough to analyze the problem and develop a workaround, then given not only the raw bug report but also 72 hours worth of analysis and recommendations/fixes from the developers, I should need even less than 6 hours to install a patch. I suspect we'll have to agree to disagree on this point. Where we can agree is that I certainly wouldn't be unhappy if SF had a feature like Bugzilla's security flag. I do have to say that developer responsiveness to security issues varies from one program to another. It's excellent for OpenBSD and reasonably good for Mozilla; but for Python, it's something of a weak spot, as we're seeing. -- http://mail.python.org/mailman/listinfo/python-list
Re: Pystone benchmark: Win vs. Linux (again)
[EMAIL PROTECTED] (Alex Martelli) writes: ...or (just as hypothetically) purchasing some commercial compiler might help, under the assumption that the optimization and code generation of the compiler are the issues here. I have nothing but hearsay to go on, but IBM's compiler for PPC chips, and Intel's compiler for Intel chips, appear to claim that they have excellent code generation, for example. Perhaps so. Actually that benchmark difference may have come from differing Python versions. I've heard that Intel cc typically beats gcc by 5% or so for integer code. There are various benchmarks floating around. But that Pystone measurement differed by considerably more. -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Paul Rubin wrote: Oops, sorry, it's in the os module: http://docs.python.org/lib/os-miscfunc.html The difference is simply a matter of the packaging. No, it's not. It also is a matter of code size, and impact. Small additions can be reviewed and studied more easily, and need to be tested on less users. A new module is on a larger scale than a mere new function. Unless you're saying that if I wanted to add AES to the string module (so you could say 'spam and sausage'.aes_encrypt('swordfish banana')) instead of writing a separate module, then we wouldn't need this discussion. Indeed, if it was a single new function to an existing module, I would not require that this be delivered to users first. It is entire new libraries that I worry about. If you would propose a change to the string module to add an aes_encrypt function, I would immediately reject that patch, of course, because that function does not belong to the string module. What matters is the code complexity, not whether something is in a separate module or not. A module *is* typically more complex than a single function. If your new module has only a single new function, we should discuss whether it really needs to be a separate module. Well, if he indicates that it's not a policy and that the question is still open, then I could see getting interested again in writing an AES module. At the moment I continue to see his python-dev post as quite discouraging. And, again, I consider this perfectly fine. This would be a volunteer effort, and volunteers are free to work on whatever they please. Furthermore, people who want an AES module for Python could get one from http://sourceforge.net/projects/cryptkit/ Maybe Bryan Mongeau will contribute this code to Python some day. Not true. For example, you once invited me to work on an ancillary message feature for the socket module (SF bug 814689), and so it's been on my want-to-do-one-of-these-days list since then. I think it's reasonable for me to have taken your message there as an expression of interest, sufficient to get me to want to work on it. So it's bogus to say the Python developers should avoid expressing interest in something that hasn't already been written. I did not say that. I said we don't normally invite people to work on anything - I said not that we *should* not invite them. Now that you mention it, I find that there is an important exception from my factual statement: I do regularly ask people reporting bugs or requesting features to work fixing the bugs or implementing the features. It is perfectly fine if they say no then. If they say yes, there is an implied promise that I'll review their code when they are done. As it appears to be clear that you are not going to implement an AES module in the foreseeable future, and as it also seems to be clear that you cannot talk me into changing my views on how Python should be developed, I think further discussing this entire thing is pointless. Regards, Martin -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
In article [EMAIL PROTECTED], Alex Martelli [EMAIL PROTECTED] wrote: Steven Bethard [EMAIL PROTECTED] wrote: If I could see how to go from 'object' (or 'int', 'str', 'file', etc.) to 'eval' or '__import__', that would help out a lot... object.__subclasses__() [type 'type', type 'weakref', type 'int', type 'basestring', type 'list', type 'NoneType', type 'NotImplementedType', type 'module', type 'zipimport.zipimporter', type 'posix.stat_result', type 'posix.statvfs_result', type 'dict', type 'function', class 'site._Printer', class 'site._Helper', type 'set', type 'file'] Traipse through these, find one class that has an unbound method, get that unbound method's func_globals, bingo. One thing my company has done is written a ``safe_eval()`` that uses a regex to disable double-underscore access. -- Aahz ([EMAIL PROTECTED]) * http://www.pythoncraft.com/ 19. A language that doesn't affect the way you think about programming, is not worth knowing. --Alan Perlis -- http://mail.python.org/mailman/listinfo/python-list
Re: Textual markup languages (was Re: What YAML engine do you use?)
In article [EMAIL PROTECTED], Alan Kennedy [EMAIL PROTECTED] wrote: I think that is where a lot of markup languages fall down, in that they end trying to develop a sophisticated metadata model that can capture that kind of information, and re-engineering the markup to support it. This co-evolution of the markup and model can go horribly awry, if the designers are inexperienced or don't know where they're headed. Ayup. Fortunately, David Goodger (the primary architect of reST) has plenty of experience in this area; reST was written as a reaction to the, er, organic nature of some other experiments. Nobody involved with the reST project claims it's perfect, but most of us do think we've made good tradeoffs (just like Python ;-). Like Guido, David's also pretty comfortable saying no One more thing: reST does make it fairly easy to write self-documenting forms -- give your users boilerplate plus some simple instructions, and they should find it very easy to write their content. (I'm particularly referring to using bibliographic fields in reST -- that's easier to do with boilerplate than explain how to do correctly.) The one thing I forgot to mention in my first post is that the biggest downside to reST for non-technical users is that it's possible to write incorrect documents. With a GUI interface, you can write butt-ugly junk, but it'll never generate a syntax error. However, given your requirements, it sounds more like you're using non-technical to mean not computer experts -- those people are probably more likely to feel comfortable with getting error messages. -- Aahz ([EMAIL PROTECTED]) * http://www.pythoncraft.com/ 19. A language that doesn't affect the way you think about programming, is not worth knowing. --Alan Perlis -- http://mail.python.org/mailman/listinfo/python-list
Marketing reST (was Re: What YAML engine do you use?)
In article [EMAIL PROTECTED], Fredrik Lundh [EMAIL PROTECTED] wrote: I've read many specs; YAML (both the spec and the format) is easily among the worst ten-or-so specs I've ever seen. ReST and YAML share the same deep flaw: both formats are marketed as simple, readable formats, and at a first glance, they look simple and readable -- but in reality, they're messy as hell, and chances are that the thing you're looking at doesn't really mean what you think it means (unless you're the official ReST/YAML parser implementation). experienced designers know how to avoid that; the ReST/YAML designers don't even understand why they should. While I can see how you'd get that impression of reST, it's not true: like Python, reST is intended to be simpl*er* and readable, but not simple. The joy of reST is that I can concentrate on writing instead of formatting, just as I do when writing Usenet posts. ;-) Even after using reST for a long time, I'm still constantly looking up features that I use rarely (such as correct formatting of URLs). But reST is great because it's relatively unobtrusive. Those of us who've used reST to document code for a long time have gotten into the habit of using some reST-isms even when not writing reST: have you noticed the number of Pythonistas who use constructs like ``foo()``? Even if you didn't know it was from reST, the meaning is obvious. As you say, reST can/does get messy when you're doing complicated things, but it stays more readable than XML/DocBook. For the most part, I think I'd also have to disagree with your assertion that reST formatting doesn't do what you think it does. In cases where your statement is correct, it's either labeled as an explicit design decision (to prevent other ugliness) or it's a bug. -- Aahz ([EMAIL PROTECTED]) * http://www.pythoncraft.com/ 19. A language that doesn't affect the way you think about programming, is not worth knowing. --Alan Perlis -- http://mail.python.org/mailman/listinfo/python-list
Re: cookielib and urllib2: thread-safe?
Alex Hunsley [EMAIL PROTECTED] writes: I'm writing a test script in python for pulling web pages from a web server using urllib2 and cookielib. Since the main thing I am testing is what happens when concurrent requests are made to the web server, I need to make several requests concurrently, which I'll do from different threads in my python script. So the important question is: are cookielib and urllib2 thread safe? Are there any precautions that apply to using these libs in a multi-threaded context? urllib2: For HTTP, yes, AFAIK. For other protocols, eg. FTP, perhaps not. cookielib: No. It's currently thread-broken, simply because I've never had reason to do threaded stuff with it. There is thread synchronization code in there, but I have little doubt that it's broken, because it's untested (I should have removed the synchronization code entirely, in fact, since nobody volunteered to test fix before release: unfortunately the first beta caught me by surprise...). I won't be making it threadsafe, so don't wait for me to do it. I'm happy to help others do so. Nothing especially hard for somebody with plenty of thread experience to do, AFAIK. I had thought part of a patch had gone in which stated this thread-unsafety very prominently in the cookielib module docs, but it seems that never happened, or at least not in time for 2.4.0 -- eek! John -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Martin v. Löwis [EMAIL PROTECTED] writes: Indeed, if it was a single new function to an existing module, I would not require that this be delivered to users first. It is entire new libraries that I worry about. Why is it different if a single new function is added to an existing module, or if the single new function has the boilerplate of a new module wrapped around it? Look at the sha and md5 modules. They are very similar in both interface and implementation. The only internal function that's really different is the update operation; they actually might have been combined into one module that did the other operations with the same code. But, it's also reasonable to have them as separate modules. If users start needing sha256, it could be done the same way, one new update operation and the rest boilerplate, but in practice it would probably be a separate module. Are you saying if there was user demand for an sha256 module and someone wrote one, you'd still require a year of separate distribution? A module *is* typically more complex than a single function. If your new module has only a single new function, we should discuss whether it really needs to be a separate module. I previously had the mistaken belief that urandom was a new module rather than a function inserted into an existing module. Note that the urandom's implementation is not ultra-trivial. An AES or DES addition to an existing module that implements just one call: ECB(key, data, direction) would be a huge improvement over what we have now. A more complete crypto module would have some additional operations, but ECB is the only one that's really essential. I already have a pure-Python module that does all the other operations using ECB as a subroutine. It's speed isn't great but it's useable in some real applications. It's only the ECB operation that's intolerably slow in Python. If you think a function like that could be added to some existing module with less hassle than adding a new module, then I can write one and submit it. Well, if he indicates that it's not a policy and that the question is still open, then I could see getting interested again in writing an AES module. At the moment I continue to see his python-dev post as quite discouraging. And, again, I consider this perfectly fine. This would be a volunteer effort, and volunteers are free to work on whatever they please. Well, volunteers are more likely to work on modules that are mentioned as being welcome by the developers, than modules affected by explicit prior developers' public decisions that cast a chill over the hope of ever getting such a module accepted. Furthermore, people who want an AES module for Python could get one from Come on, you're being deliberately obtuse, we've discussed this over and over. There are plenty of AES modules that people can get from somewhere. The topic is what it takes to have an AES module that people don't NEED to get from anywhere, because they already have it from having Python installed. Do I have to keep repeating batteries included until you understand what it means? http://sourceforge.net/projects/cryptkit/ Maybe Bryan Mongeau will contribute this code to Python some day. Well, that code has been around for over a year, people are using it, etc. Are you saying you'll support its inclusion if Bryan offers to contribute it? I've examined that module, I wouldn't consider it ideal for the core (besides AES, it has some complicated additional functions that aren't useful to most people), but it would certainly take care of my AES needs (it's apparently missing DES though). I did not say that. I said we don't normally invite people to work on anything - I said not that we *should* not invite them. I would say that inviting people to work on a module for the stdlib means the developers have thought about whether such a module would be useful and worth including, and are indicating that they're favorable to the idea. However, you wrote: In Message-ID: [EMAIL PROTECTED] So if the module was primarily written to be included in the core, I would initially reject it for that very reason. After one year or so in its life, and a recognizable user base, inclusion can be considered. The context was new modules in general, not specifically an AES module. Since considered means thought about, so you said inclusion shouldn't even be thought about until the module is already done. That's completely in conflict with the idea of inviting anyone to work on a new module, since inviting means that there's been some thought. Now that you mention it, I find that there is an important exception from my factual statement: I do regularly ask people reporting bugs or requesting features to work fixing the bugs or implementing the features. It is perfectly fine if they say no then. If they say yes, there is an implied promise that I'll review their code when they are done. I would say
Re: what's OOP's jargons and complexities?
On Jan 29, 2005, at 04:28, [EMAIL PROTECTED] wrote: Plus, a man which such cinematographic tastes [1] cannot be entirely bad :P http://xahlee.org/PageTwo_dir/Personal_dir/favorite_movies.html The site proves he is evil. Grep Titus if you have a strong stomach. I'm sure you did not get that far. I went all the way down with Ms Carrera :P http://xahlee.org/PageTwo_dir/Personal_dir/porn_movies.html At least give him credit for listing Caro's and Jeunet's La Cité des enfants perdus: http://www.imdb.com/title/tt0112682/ After all, it's not always easy Being John Malkovich: http://us.imdb.com/title/tt0120601/ Specially when you are Leaving Las Vegas. http://us.imdb.com/title/tt0113627/ In any case, these are just Sex, Lies, and Videotape: http://us.imdb.com/title/tt0098724/ Perhaps getting Bound to those Heavenly Creatures is too Exotica for you? http://us.imdb.com/title/tt0115736/ http://us.imdb.com/title/tt0110005/ http://us.imdb.com/title/tt0109759/ But lets not play The Crying Game: http://www.imdb.com/title/tt0104036/ This is all Pulp Fiction anyway: http://us.imdb.com/title/tt0110912/ Time to Run Lola Run to Brazil: http://us.imdb.com/title/tt0130827/ http://us.imdb.com/title/tt0088846/ Before Blade Runner tracks you down: http://us.imdb.com/title/tt0083658/ Cheers -- PA, Onnay Equitursay http://alt.textdrive.com/ -- http://mail.python.org/mailman/listinfo/python-list
Re: An mysql-python tutorial?
Dfenestr8 wrote: Hi. Been told by the admin of my (free!) server that he'd rather I should learn to use mysql if I want to continue writing cgi scripts there. Not even sure exactly what mysql is. Is there a simple tutorial anywhere on the web about using python + mysql? http://www.devshed.com/c/a/Python/MySQL-Connectivity-With-Python/ that one put me on the right track (I think ;) -- EuGeNe [ www.boardkulture.com www.actiphot.com www.xsbar.com ] -- http://mail.python.org/mailman/listinfo/python-list
future of computing languages
Quite suprised while reading the Amazin c2.com Wiki: http://c2.com/cgi/wiki?FutureOfProgrammingLanguages Take a look, and feel incredible good about yourself your decision to opt for python. Did work for me. Cheers, Jelle. -- http://mail.python.org/mailman/listinfo/python-list
Re: Maximum Number of Class Attributes
On Wed, 26 Jan 2005 10:03:47 +0100, Sylvain Thenault [EMAIL PROTECTED] wrote: On Wed, 26 Jan 2005 02:03:12 +, Bob Parnes wrote: In its default configuration, my version of pylint (0.5.0) sets the maximum number of class attributes at 7. This seems low to me, but I can see how an excessive number might make maintenance more difficult. Is this indeed the best value for a maximum under ordinary conditions? If not, can anyone suggest a more reasonable value? well, this value is very subjective, and may change from one context to another... For instance at some point I hope that pylint will detect GUI classes and allow more attributes (and methods?) to those. Anyway that's just an indicator, not a rule of thumb (and pylint itself has some class with more than 7 attributes...). And FYI, this value has been taken from a post to the testdrivendevelopment at yahoogroups (as most others default values in the design analysis checker). Hum, well... After checking it seems that the post said 20 attributes. I don't remember why did i get this number down to 7. If this discussion leads to an agreement for a better number, I can change the default value. -- Sylvain Thénault LOGILAB, Paris (France). http://www.logilab.com http://www.logilab.fr http://www.logilab.org Thanks for the information. I *am* using gui classes. -- Bob Parnes [EMAIL PROTECTED] -- http://mail.python.org/mailman/listinfo/python-list
Re: Help with web dashboard
Chris wrote: In article [EMAIL PROTECTED], [EMAIL PROTECTED] says... Ifd you want to use standard CGI I've written a CGI user authentication/management module called logintools. Would this be preferred (or easier) than using an application server (ie. Zope or Webware)? If possible, I think it would be nice if the security aspect of it was already built-in so I would not need to write/test it myself. Thanks for your help. For simple applications, writing CGIs is going to be quite a lot easier than using something like Zope. If your final product is big and complex then CGIs probably aren't suitable anyway. logintools is a module providing user authentication/administration and user management specifically for CGIs. Regards, Fuzzy http://www.voidspace.org.uk/python/index.shtml -- http://mail.python.org/mailman/listinfo/python-list
Re: what's OOP's jargons and complexities?
On Jan 29, 2005, at 08:34, jacob navia wrote: First article that demistifies this OO centered approach in quite a long time. http://www.google.com/search?q=OOP+criticismie=UTF-8oe=UTF-8 http://www.google.com/search?hl=enlr=q=OOP+debunkedbtnG=Search Cheers -- PA, Onnay Equitursay http://alt.textdrive.com/ -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
http://www.python.org/pypi THIS IS ALL PYTHON. Paul No. Those are programs people have written in Python or as Python Paul extensions. What's your point? That I have to download and perhaps install them to use them? In that case, how are these two scenarios different: * I have to download and build the MySQLdb package to talk to MySQL servers from Python code * I have to ensure that the readline library and include files are installed on my system before the readline module (which is included in the core distribution) can be built I and many other people happily use external packages other people have written as well as make stuff available. My guess is that you do as well. If everyone adopted your position that it wasn't Python unless it had been added to the core, we'd all be reinventing lots of wheels or tackling much less challenging tasks, if we programmed in Python at all. Here's an incomplete list of stuff not in the core I have used happily over the past several years to do my jobs using Python: * MySQLdb, Sqlite, pycopg, sybase-python - all database modules * CSV, Object Craft's csv, DSV - csv modules predating csv in the core * SpamBayes * Quixote * Docutils * MoinMoin * Pyrex * Psyco * PyInline * PyGTK * xmlrpclib before it was in the core * MAL's mx.DateTime before the core datetime module was available * timeout_socket before sockets supported timeouts Many of those things I could never have written myself, either for lack of time, lack of skill or both. I'm grateful they were available when I needed them and feel no qualms about using them even though they are not distributed with Python proper. Notice another interesting feature of several of those items: csv, xmlrpclib, mx.DateTime, timeout_socket. They were all modules I used that eventually wound up in the core in some fashion. They didn't go in the core first, then demonstrate their usefulness. It was the other way around. Not everything that is useful belongs in the core distribution. I think you are confusing batteries included with everything, including the kitchen sink. Skip -- http://mail.python.org/mailman/listinfo/python-list
Re: Who should security issues be reported to?
Nick Upgrading your Python interpreter (even to a new maintenance Nick branch release) in a production environment is usually a fairly Nick involved exercise requiring a significant amount of testing, and Nick the fact of the matter is, you're unlikely to do so unless there Nick is some feature or bug-fix in a new version that you really Nick need. (I'm still using Python 2.2.2 at work - it's entirely Nick adequate for our needs, so there's no real pressure to upgrade on Nick the current project. For a new project, I'd probably start with Nick 2.4, planning to go to 2.4.1 in a couple of months time, but there Nick aren't really any post-2.2 additions to Python that I can't handle Nick living without). Still, if a security bug was serious enough, my guess is that someone would step up to supply patches (or Windows installers) for any of a number of versions that were affected by the bug, even 2.1 or 1.5.2. That someone might or might not be part of the core development team. That nothing like that has been done before doesn't preclude it being done in the future. Skip -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
What matters is the code complexity, not whether something is in a separate module or not. Martin A module *is* typically more complex than a single function. And one that deals with cryptography is likely to be even more complex. Skip -- http://mail.python.org/mailman/listinfo/python-list
The next Xah-lee post contest
Hi All, For sometime now, I have just been a passive lurker on this list. Of late I saw an increase in the number of posts by Xah Lee, and I have to admit, what he lacks in understanding of the various programming languages he talks about, he makes up for in creativity. So, I was wondering, how would it be to be Mr Lee. That got me thinking of his next post. Well, I know through my days of lurking around, a lot of people here love creative challenges ...so here's one for you. Write up the next Xah Lee post ! The requirement are: a) The post should talk about a single language, although the example code needn't adhere to that restriction. b) It should explain the style, structure and design of some code snippet/program, though not necessarily of the same code snippet/program mentioned in the post. c) Should be written in English ... respect to English grammar is not mandatory. d) It *must* be flammable. Here's my contribution (tho' I'm not really in my most creative frame of mind): -- perl is fucked ! Its a language named with a word that can't even pass through spell-checker. What kind of programming language has a scalar variable but the array is not called vector ...it is array. Also the list comprehension feature of the language is entirely anal. Example $list = { i for i in range(100) } now is $list a function ?? No it's is an array . -- ..phew, this is hard !! I'll have another go later. You are welcomed to participate. Regards Steve -- http://mail.python.org/mailman/listinfo/python-list
Re: Coding style article with interesting section on white space
Thanx Nick -- http://mail.python.org/mailman/listinfo/python-list
Re: The next Xah-lee post contest
On Jan 29, 2005, at 14:35, Steve wrote: Write up the next Xah Lee post ! The requirement are: a) The post should talk about a single language, although the example code needn't adhere to that restriction. b) It should explain the style, structure and design of some code snippet/program, though not necessarily of the same code snippet/program mentioned in the post. c) Should be written in English ... respect to English grammar is not mandatory. d) It *must* be flammable. Oh, my... this is going to be so much fun 8^) Here's my contribution (tho' I'm not really in my most creative frame of mind): Master the ways of the Xah, young Steve: Pathetically Elational Regex Language, aka Pathological Euphoric Retching Language (A commentary on Perl) http://www.xahlee.org/UnixResource_dir/perlr.html Cheers -- PA, Onnay Equitursay http://alt.textdrive.com/ -- http://mail.python.org/mailman/listinfo/python-list
Re: The next Xah-lee post contest
On Jan 29, 2005, at 14:35, Steve wrote: Here's my contribution (tho' I'm not really in my most creative frame of mind): Not being very creative myself, here is a contribution by proxy: Unlike Java programmers, who are hip on the outside, dreary conformists on the inside, Smalltalk programmers are a bunch of faded flower children who listen to Mantovani and the Star Wars soundtrack. They are 68% more likely to be Clinton supporters and 94% of them laughed when Bob Dole fell down in the last election campaign. Most Smalltalk programmers smoke weak pot and hide their stash from their kids (who are Java programmers). -- Steve Wart, why Smalltalk never caught on http://hoho.dyndns.org/~holger/smalltalk.html Cheers -- PA, Onnay Equitursay http://alt.textdrive.com/ -- http://mail.python.org/mailman/listinfo/python-list
Re: The next Xah-lee post contest
Steve wrote: Hi All, For sometime now, I have just been a passive lurker on this list. Of late I saw an increase in the number of posts by Xah Lee, and I have to admit, what he lacks in understanding of the various programming languages he talks about, he makes up for in creativity. So, I was wondering, how would it be to be Mr Lee. That got me thinking of his next post. Well, I know through my days of lurking around, a lot of people here love creative challenges ...so here's one for you. Write up the next Xah Lee post... Unix donkey! You not elegant. You have poor design. Sloppy Perl monkey! You be lazy! You code very very bad. Xah know all! -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
Aahz [EMAIL PROTECTED] wrote: ... object.__subclasses__() ... One thing my company has done is written a ``safe_eval()`` that uses a regex to disable double-underscore access. will the regex catch getattr(object, 'subclasses'.join(['_'*2]*2)...?-) Alex -- http://mail.python.org/mailman/listinfo/python-list
Re: The next Xah-lee post contest
On Sat, 29 Jan 2005 19:05:55 +0530, Steve [EMAIL PROTECTED] wrote: Hi All, For sometime now, I have just been a passive lurker on this list. Of late I saw an increase in the number of posts by Xah Lee, and I have to admit, what he lacks in understanding of the various programming languages he talks about, he makes up for in creativity. So, I was wondering, how would it be to be Mr Lee. That got me thinking of his next post. Well, I know through my days of lurking around, a lot of people here love creative challenges ...so here's one for you. Write up the next Xah Lee post ! The requirement are: a) The post should talk about a single language, although the example code needn't adhere to that restriction. b) It should explain the style, structure and design of some code snippet/program, though not necessarily of the same code snippet/program mentioned in the post. c) Should be written in English ... respect to English grammar is not mandatory. d) It *must* be flammable. If you need to do more research for the posting style, I recommend the following links: http://netscan.research.microsoft.com/Static/author/authorProfile.asp?searchfor=xah%40xahlee.org http://groups-beta.google.com/groups?q=%22Xah+Lee%22 Interesting to note that xah posted as far back as '02 asking for help with python, as he was porting perl web applications. Which leads me to conclude he is not a beginner being stupid, but somone who has been around long enough to know better. Stephen. -- http://mail.python.org/mailman/listinfo/python-list
Re: The next Xah-lee post contest
On Jan 29, 2005, at 15:32, rbt wrote: Unix donkey! You not elegant. You have poor design. Sloppy Perl monkey! You be lazy! You code very very bad. Xah know all! Follow The True Path, follow The Xah Way To Enlightenment: The Unix Pestilence http://www.xahlee.org/UnixResource_dir/freebooks.html Cheers -- PA, Onnay Equitursay http://alt.textdrive.com/ -- http://mail.python.org/mailman/listinfo/python-list
Re: Textual markup languages (was Re: What YAML engine do you use?)
On Sun, 2005-01-23 at 13:41 +0100, Fredrik Lundh wrote: Alan Kennedy wrote: If I can't find such a markup language, then I might instead end up using a WYSIWYG editing component that gives the user a GUI and generates (x)html. htmlArea: http://www.htmlarea.com/ Editlet: http://www.editlet.com/ But I'd prefer a markup solution. some of these are amazingly usable. have you asked your users what they prefer? (or maybe you are your user? ;-) Most users prefer to write documents in word and then paste them into textareas. Not surprisingly means no semantic content, little chance of restyling, horrible encoding problems and far too long spent on the phone trying to explain why it's not a good idea. Giving users a wysiwyg textarea creates the problems that users start to spend time trying to create a 'styled' document, inevitably sacrificing semantics (many is the user that has applied a header style to make things bold or a quote sytle to indent a paragraph). Using text based layouts reinforces the perception that you aren't creating a styled document and that the semantic structure is important. People who have used non-wysiwyg editors have found that their initial reticence has been quickly overtaken by their joy at not having to fight with 'style' and the reassurance that their content is now 'redesign proof'. Tim Parkin http://www.pollenation.net -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
One thing my company has done is written a ``safe_eval()`` that uses a regex to disable double-underscore access. Alex will the regex catch getattr(object, Alex 'subclasses'.join(['_'*2]*2)...?-) Now he has two problems. ;-) Skip -- http://mail.python.org/mailman/listinfo/python-list
Re: Coding style article with interesting section on white space
Nick Coghlan wrote: Thought some folks here might find this one interesting. No great revelations, just a fairly sensible piece on writing readable code :) The whole article: http://www.acmqueue.com/modules.php?name=Contentpa=showpagepid=271page=1 The section specifically on white space: http://www.acmqueue.com/modules.php?name=Contentpa=showpagepid=271page=3 The suggestions in the cited article, How Not to Write FORTRAN in Any Language, are reasonable but elementary and can be followed in Fortran 90/95/2003 as well as any other language. What infuriates me is that the author writes as if Fortran has not evolved since the 1960s. It has. To be specific, Fortran 90 (1) allows variable names up to 31 characters long (2) has a free source form where (a) there are no rigid rules about starting code in a certain column (b) white space is significant (3) has a full set of control structures -- goto's are almost never needed More detailed rebuttals of the article are in the archives of the Fortran 90 discussion group at http://www.jiscmail.ac.uk/cgi-bin/webadmin?A1=ind0501L=comp-fortran-90 -- search for Fortran bashing. Python looks more like Fortran 90 than one of the curly-brace/semicolon languages, and both languages have modules and array slices. One ought to do a little research before publishing an article. Apparently, many authors and editors are too lazy to do so. -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
On Sat, 29 Jan 2005 08:53:45 -0600, Skip Montanaro [EMAIL PROTECTED] wrote: One thing my company has done is written a ``safe_eval()`` that uses a regex to disable double-underscore access. Alex will the regex catch getattr(object, Alex 'subclasses'.join(['_'*2]*2)...?-) Now he has two problems. ;-) I nearly asked that question, then I realised that 'getattr' is quite easy to remove from the global namespace for the code in question, and assumed that they had already thought of that. Stephen. -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Skip Montanaro [EMAIL PROTECTED] writes: What's your point? That I have to download and perhaps install them to use them? In that case, how are these two scenarios different: * I have to download and build the MySQLdb package to talk to MySQL servers from Python code * I have to ensure that the readline library and include files are installed on my system before the readline module (which is included in the core distribution) can be built The difference is that once Python is installed on your machine and you can get a prompt, you have readline available right away but you have to download something to use MySQLdb. Whoever took care of your Python installation, and it may not have been you, also took care of readline. The past several OS distributions I've installed have included Python and readline out of the box, so I never had to think about readline. The last time I used a Python instance that didn't come with the OS (on Windows XP at work), the IT department had installed Python on my desktop before I started using it, so I still didn't have to worry about readline. But any module that doesn't come in the distro, I have to download myself. I and many other people happily use external packages other people have written as well as make stuff available. My guess is that you do as well. No, I don't. I do use them sometimes but I'm unhappy about them. If I can write something using a core module instead of an external module, I prefer to use the core module. So I'll generally use dbm instead of MySQL unless I really need MySQL, which I haven't yet in Python (I've used MySQL with Perl dbi, but Perl, you know, shudder). Also, external module installation scripts often don't work properly, so I end up having to wrestle the code to get it installed. And if a geek like me has such trouble installing external modules, what hope does a normal end-user have? Maybe if you're using Windows, that stuff has been debugged better, but I've had poor results under GNU/Linux. I've had this discussion here before, maybe not with you. What I really want is zero installations of anything. I just want to go to the store and buy a new computer and have a complete OS install with full sources and a full set of applications including Python already installed when I first power it up. My practical approximation is to buy a new computer, immediately reformat the HD to remove the icky Redmond virus, and then install a GNU/Linux distro that includes Python (and readline). If Python really aims for world domination, that means it has to shoot for being preinstalled on almost every new computer the way Windows is now. And all the interesting modules should be there, maybe in a contrib directory that gets little or no maintenance priority from the core team. If everyone adopted your position that it wasn't Python unless it had been added to the core, we'd all be reinventing lots of wheels or tackling much less challenging tasks, if we programmed in Python at all. Here's an incomplete list of stuff not in the core I have used happily over the past several years to do my jobs using Python: That makes no sense at all. That list is a list of programs written in the Python language. They are Python programs, where Python is an adjective. Python, the noun referring to a piece of software, generally means the stuff in the Python distro. That doesn't stop programs outside the distro from being useful. Mediawiki is a PHP program. That doesn't mean Mediawiki is part of PHP. * MySQLdb, Sqlite, pycopg, sybase-python - all database modules These should all be in the core if Python wants to be a serious competitor to PHP, which comes with interfaces for those db's and several additional ones besides. That these modules are missing are a significant library deficiency. * CSV, Object Craft's csv, DSV - csv modules predating csv in the core That's fixed now, csv is in the core. * SpamBayes I have the impression this is an application and not a module, or anyway is written mainly to support one application. Should be separate. Also, it's written in Python(?) rather than C, which means the installation headaches from not being in the core aren't so bad. * Quixote Don't know what this is. * Docutils Should be in the core if it's what I think it is. * MoinMoin Application, should be separate. Also, GPL'd, I think. Can't be distributed under PSF license. * Pyrex Sort of problematic, would be interesting to have something like this in the core but maybe Pyrex as it currently stands isn't the answer. I have the impression that PyPy is going to depend on Pyrex in a fundamental way, so it will have to be in the core when we dump CPython. * Psyco I think this isn't ready for prime time yet. Should go into the core once it is. * PyInline Not sure what this is. * PyGTK wxPython might be a better choice.
Re: What's so funny? WAS Re: rotor replacement
Skip Montanaro [EMAIL PROTECTED] writes: And one that deals with cryptography is likely to be even more complex. No. The AES module would have about the same complexity as the SHA module. -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Paul Rubin http://[EMAIL PROTECTED] writes: actually: mxCrypto is the most capable of these packages and might be the one with the most users, but it's completely unsuitable for the core because of its size). Oops, I should say, mxCrypto itself isn't that large; the issue is that it needs OpenSSL which is a big unwieldy program. Having mxCrypto in the core as an OpenSSL interface is a legitimate notion. But there should be something that doesn't depend on OpenSSL. -- http://mail.python.org/mailman/listinfo/python-list
Re: An mysql-python tutorial?
It's a pretty good tutorial, thought I would recommend you forget about the fetchone() example. The example below demonstrates three additional features that will make your life easier: MySQL option files, tuple unpacking, and cursors as iterators (fourth feature: the default host is localhost; this is rapidly turning into the Spanish Inquisition sketch): #!/usr/bin/python import MySQLdb db = MySQLdb.connect(db=db56a, read_default_file=~/.my.cnf) cursor = db.cursor() cursor.execute(SELECT name, species FROM animals) for name, species in cursor: print name, --, species (I also shy away from doing SELECT *; what if your schema changes?) (If the indentation is hosed, blame Google Groups.) -- http://mail.python.org/mailman/listinfo/python-list
Line graphics on Linux console
Hi all I don't think this is strictly a Python problem, but as it manifests itself in one of my Python programs, I am hoping that somebody in this group can help me. The following is a message I sent to co.os.linux.setup - My question concerns line graphics on a text-based console. My actual problem relates to a [Python] program I have written using ncurses, but you can easily test it by running a program like minicom. If you call up the minicom menu, it should be surrounded by a nice box made up of horizontal and vertical lines, corners, etc. It used to work up until Redhat 7. Since upgrading to Redhat 9, and now Fedora, it (and my program) has stopped working. I received the following reply from Thomas Dickey - That's because Redhat uses UTF-8 locales, and the Linux console ignores vt100 line-drawing when it is set for UTF-8. (screen also does this). ncurses checks for $TERM containing linux or screen (since there's no better clues for the breakage) when the encoding is UTF-8, and doesn't try to use those escapes (so you would get +'s and -'s). compiling/linking with libncursesw would get the lines back for a properly-written program. I don't really understand the last sentence. Does anyone know if it is possible to do this (or anything else) or am I stuck. TIA for any advice. Frank Millman -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
Stephen Thorne [EMAIL PROTECTED] wrote: On Sat, 29 Jan 2005 08:53:45 -0600, Skip Montanaro [EMAIL PROTECTED] wrote: One thing my company has done is written a ``safe_eval()`` that uses a regex to disable double-underscore access. Alex will the regex catch getattr(object, Alex 'subclasses'.join(['_'*2]*2)...?-) Now he has two problems. ;-) I nearly asked that question, then I realised that 'getattr' is quite easy to remove from the global namespace for the code in question, and assumed that they had already thought of that. OK then -- vars(type(object)) is a dict which has [[the unbound-method equivalent of]] object.__subclasses__ at its entry for key '__subclasses__'. Scratch 'vars' in addition to 'getattr'. And 'eval' of course, or else building up the string 'object.__subclasses__' (in a way the regex won't catch) then eval'ing it is easy. I dunno, maybe I'm just being pessimistic, I guess... Alex -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
In article [EMAIL PROTECTED], Alex Martelli [EMAIL PROTECTED] wrote: Aahz [EMAIL PROTECTED] wrote: Alex Martelli deleted his own attribution: object.__subclasses__() One thing my company has done is written a ``safe_eval()`` that uses a regex to disable double-underscore access. will the regex catch getattr(object, 'subclasses'.join(['_'*2]*2)...?-) Heheh. No. Then again, security is only as strong as its weakest link, and that quick hack makes this part of our application as secure as the rest. -- Aahz ([EMAIL PROTECTED]) * http://www.pythoncraft.com/ 19. A language that doesn't affect the way you think about programming, is not worth knowing. --Alan Perlis -- http://mail.python.org/mailman/listinfo/python-list
Re: Who should security issues be reported to?
In article [EMAIL PROTECTED], Skip Montanaro [EMAIL PROTECTED] wrote: Nick Upgrading your Python interpreter (even to a new maintenance Nick branch release) in a production environment is usually a fairly Nick involved exercise requiring a significant amount of testing, and Nick the fact of the matter is, you're unlikely to do so unless there Nick is some feature or bug-fix in a new version that you really Nick need. (I'm still using Python 2.2.2 at work - it's entirely Nick adequate for our needs, so there's no real pressure to upgrade on Nick the current project. For a new project, I'd probably start with Nick 2.4, planning to go to 2.4.1 in a couple of months time, but there Nick aren't really any post-2.2 additions to Python that I can't handle Nick living without). Still, if a security bug was serious enough, my guess is that someone would step up to supply patches (or Windows installers) for any of a number of versions that were affected by the bug, even 2.1 or 1.5.2. That someone might or might not be part of the core development team. That nothing like that has been done before doesn't preclude it being done in the future. While true, such coordination also requires public discussion, given the way the Python community works. Which obviates the OPs request for private correspondence. -- Aahz ([EMAIL PROTECTED]) * http://www.pythoncraft.com/ 19. A language that doesn't affect the way you think about programming, is not worth knowing. --Alan Perlis -- http://mail.python.org/mailman/listinfo/python-list
Re: Coding style article with interesting section on white space
In article [EMAIL PROTECTED], [EMAIL PROTECTED] wrote: . . . One ought to do a little research before publishing an article. Apparently, many authors and editors are too lazy to do so. ... and/or ignorant or uncultured. Also, don't forget to excoriate the publishers and editors, too cheap and/or otherwise constrained to edit/fact-check/review/... -- http://mail.python.org/mailman/listinfo/python-list
ANN: eric3 3.6.1 released
Hi, this is to let all of you know, that eric3 3.6.1 has just been released. It fixes a few nasty bugs, which were reported since the last release. It is available via http://www.die-offenbachs.de/detlev/eric3.html Eric3 is an Integrated Development Environment for Python. For details please see the above mentioned URL. Regards, Detlev -- Detlev Offenbach [EMAIL PROTECTED] -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Paul Rubin wrote: An AES or DES addition to an existing module that implements just one call: ECB(key, data, direction) would be a huge improvement over what we have now. Apparently, people disagree on what precisely the API should be. E.g. cryptkit has obj = aes(key) obj.encrypt(data) I think I would prefer explicit encrypt/decrypt methods over a direction parameter. Whether or not selection of mode is a separate parameter, or a separate method, might be debatable - I'ld personally prefer a separate method. However, we would have to ask users. If you think a function like that could be added to some existing module with less hassle than adding a new module, then I can write one and submit it. I would trust my intuition more for a single function than for an entire API. In this specific proposal, I think I would trust my intuition and reject the ECB function because of the direction argument. Come on, you're being deliberately obtuse, we've discussed this over and over. There are plenty of AES modules that people can get from somewhere. The topic is what it takes to have an AES module that people don't NEED to get from anywhere, because they already have it from having Python installed. Do I have to keep repeating batteries included until you understand what it means? I fully understand what you desire - to include the module as a battery. What makes this decision difficult is that you fail to understand that I don't want included batteries so much that I would accept empty or leaking batteries. http://sourceforge.net/projects/cryptkit/ Well, that code has been around for over a year, people are using it, etc. Are you saying you'll support its inclusion if Bryan offers to contribute it? *Now* you get it. Precisely that. I would ask the users what they think about the API (shouldn't be too difficult because the module does have users) and what they think about other aspects (performance, stability, and so on). I've examined that module, I wouldn't consider it ideal for the core (besides AES, it has some complicated additional functions that aren't useful to most people) Ok, that would be a problem. If this is a simple removal of functions that you'ld request (which functions?), I'ld try to collect opinions on that specific issue, and ask Bryan whether he could accept removal of these functions. So if the module was primarily written to be included in the core, I would initially reject it for that very reason. After one year or so in its life, and a recognizable user base, inclusion can be considered. The context was new modules in general, not specifically an AES module. Since considered means thought about, so you said inclusion shouldn't even be thought about until the module is already done. That's completely in conflict with the idea of inviting anyone to work on a new module, since inviting means that there's been some thought. I rarely invite people to work on new modules. For new modules, I normally propose that they develop the module, and ship it to users for some time. I may have made exceptions to this rule in the past, e.g. when the proposal is to simply wrap an existing C API in a Python module (like shadow passwords). In this case, both the interface and the implementation are straight-forward, and I expect no surprises. For an AES module (or most other modules), I do expect surprises. I would say there's an implied promise of something more than a code review. There's an implied statement that you agree that the proposed new functionality is useful, which means the patch has a good chance of being accepted to the stdlib if it's not too messy or cumbersome. I have said many times that I am in favour of including an AES implementation in the Python distribution, e.g. in http://mail.python.org/pipermail/python-dev/2003-April/034963.html What I cannot promise is to include *your* AES implementation, not without getting user feedback first. The whole notion of creating the module from scratch just to include it in the core strikes me as odd - when there are so many AES implementations out there already that have been proven useful to users. So let me just ask you one final question: suppose I do all that stuff. The question: in your personal opinion, based on the best information you have, what is the your own subjective estimate of the probability? Eventually, with hard work, I estimate the chances at, say, 90%. That is, eventually, unless the code itself shows flaws, the module *will* be included. However, initially, when first proposed, the chances are rather like 10%. I.e. people will initially object. Decision processes take their time, and valid concerns must be responded to. I personally think that there is a good response to each concern, but it will take time to find it. Before that, it will take time to find out what precisely the concern is. Regards, Martin -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Paul Rubin wrote: (And actually: mxCrypto is the most capable of these packages and might be the one with the most users, but it's completely unsuitable for the core because of its size). mxCrypto is primarily unsuitable for the core because Marc-Andre Lemburg will never ever contribute it. He is very concerned about including crypto code with the Python distribution, so he certainly won't contribute his own. Regards, Martin -- http://mail.python.org/mailman/listinfo/python-list
Description Field in WinXP Services
How does one associate a Description with a Windows service written in Python? I've just started experimenting with Python services. Here's my code... copied straight from Mr. Hammond's Python Programming on Win32: import win32serviceutil import win32service import win32event class test_py_service(win32serviceutil.ServiceFramework): _svc_name_ = test_py_service ## Tried the following to no avail. _svc_description_ = Test written by Brad _svc_display_name_ = Test Python Service def __init__(self, args): win32serviceutil.ServiceFramework.__init__(self, args) self.hWaitStop = win32event.CreateEvent(None, 0, 0, None) def SvcStop(self): self.ReportServiceStatus(win32service.SERVICE_STOP_PENDING) win32event.SetEvent(self.hWaitStop) def SvcDoRun(self): win32event.WaitForSingleObject(self.hWaitStop, win32event.INFINITE) if __name__ == '__main__': win32serviceutil.HandleCommandLine(test_py_service) -- http://mail.python.org/mailman/listinfo/python-list
Re: An mysql-python tutorial?
On Sat, 29 Jan 2005 06:41:37 +, Kartic wrote: [snip] And here is one more site, good stuff here too:- http://www.kitebird.com/articles/pydbapi.html Hi. I followed the instructions there, tried out the test script they recommend. Can you tell me why this command, in the python interpreter: conn = MySQLdb.connect (host = localhost, user = flipper, passwd = [hidden], db = mydb) produces this error: Traceback (most recent call last): File stdin, line 1, in ? File /usr/lib/python2.3/site-packages/MySQLdb/__init__.py, line 63, in Connect return apply(Connection, args, kwargs) File /usr/lib/python2.3/site-packages/MySQLdb/connections.py, line 115, in __init__ self._make_connection(args, kwargs2) File /usr/lib/python2.3/site-packages/MySQLdb/connections.py, line 41, in _make_connection apply(super(ConnectionBase, self).__init__, args, kwargs) _mysql_exceptions.OperationalError: (1045, Access denied for user: '[EMAIL PROTECTED]' (Using password: YES)) I also have MySQL installed, and tried setting up the user flipper with the mysql client, as per the instructions here: http://vsbabu.org/mt/archives/2003/04/17/mysql_in_mandrake_91.html -- http://mail.python.org/mailman/listinfo/python-list
Independence of programs!
Hey all, hope all is fine, I have a question; I am new in python programming, I write the programs to a text doc then I run them with the interpreter, so I wanna know whether I can save the programs as exe so that they can be run independently on other PCs without the python interpreter. hope you help me, thanks alot! -- http://mail.python.org/mailman/listinfo/python-list
tk global bindings
I'm starting to write a POS application UI's module. There's no mouse, just a bunch of global shortcuts. the problem is that TK doesn't have global shortcuts! Is there a work-around or i will have to attach 80 or so bindings for every input element? Thanks, Gabriel -- http://mail.python.org/mailman/listinfo/python-list
Re: Independence of programs!
blade8472 wrote: Hey all, hope all is fine, I have a question; I am new in python programming, I write the programs to a text doc then I run them with the interpreter, so I wanna know whether I can save the programs as exe so that they can be run independently on other PCs without the python interpreter. hope you help me, thanks alot! If you are under Microsoft Windows (which I guess, according your question), you may use py2exe ( http://starship.python.net/crew/theller/py2exe/ ). It will do all the required stuff for you to have a standalone executable. David -- http://mail.python.org/mailman/listinfo/python-list
Redirecting stdout/err under win32 platform
Hi everybody, let me explain by problem: I am working on an application which consists in a C++ dll (numeric computations) and a Python IHM (Python/Tk), which must run under Linux and win32. My problem is the C++ lib does write stuffs on its stdout, and I would like to print those messages in a Tk frame. When I run the computation, it has it's own thread. So my question is : how van I redirect the dll's stdout to something I can retrieve in Python (pipe, socket,...)? I can do it easily under Linux. I made tests with a socket which just works fine. In the threaded function (that will do the heavy computation), I write: import os, sys from socket import * s=socket(AF_UNIX, SOCK_STREAM) s.connect(...) os.dup2(sys.__stdout__.fileno(), s.fileno()) very_intensive_function(many_parameters) s.close() That's OK under Linux, but does not work under win32 (even if I use an INET localhost socket), cause I cannot do the os.dup2 trick (Windows does not want to consider a socket as a file! What a shity system!). So my question is : is there a simple solution ? I have tested different solutions. I am trying hacks with pipes created with the win32api. But I have not yet managed this simple operation. Note that I have no access to the dll source code, so I cannot modify it so it uses a named pipe (for example) as message output pipe instead os stdout... Thanks, David -- http://mail.python.org/mailman/listinfo/python-list
Re: [perl-python] 20050127 traverse a dir
On Thu, 27 Jan 2005 15:01:12 -0500, Chris Mattern wrote: Is it just me, or is the disappointing lack of flamewars slowly ratcheting up the level of vitriol in his posts? What flabbergasts me is the stunning failure in trolling that XL is. I've accidentally trolled (if you can extend the trolling definition that way) through ignorance of both subject matter and local culture, accidentally trolled through typo, and accidentally trolled through poorly chosen incendiary example that had little to do with my point. This poor guy trolls across five newsgroups and is now one of the few things that they absolutely all absolutely agree on. Now *that* is some truly breathtaking failure right there. I'm not sure I could fail that hard if I tried. (I'll shut up about Xah now.) -- http://mail.python.org/mailman/listinfo/python-list
Weekly Python Patch/Bug Summary
Patch / Bug Summary ___ Patches : 280 open ( +7) / 2747 closed ( +1) / 3027 total ( +8) Bugs: 803 open ( +6) / 4799 closed (+10) / 5602 total (+16) RFE : 167 open ( +1) / 141 closed ( +0) / 308 total ( +1) New / Reopened Patches __ tarfile.ExFileObject iterators (2005-01-23) http://python.org/sf/1107973 opened by Mitch Chapman Allow slicing of any iterator by default (2005-01-24) http://python.org/sf/1108272 opened by Nick Coghlan fix .split() separator doc, update .rsplit() docs (2005-01-24) CLOSED http://python.org/sf/1108303 opened by Wummel type conversion methods and subclasses (2005-01-25) http://python.org/sf/1109424 opened by Walter Dörwald distutils dry-run breaks when attempting to bytecompile (2005-01-26) http://python.org/sf/1109658 opened by Anthony Baxter patch for idlelib (2005-01-26) http://python.org/sf/1110205 opened by sowjanya patch for gzip.GzipFile.flush() (2005-01-26) http://python.org/sf/1110248 opened by David Schnepper HEAD/PUT/DELETE support for urllib2.py (2005-01-28) http://python.org/sf/653 opened by Terrel Shumway Patches Closed __ fix .split() maxsplit doc, update .rsplit() docs (2005-01-24) http://python.org/sf/1108303 closed by rhettinger New / Reopened Bugs ___ \0 not listed as a valid escape in the lang reference (2005-01-24) CLOSED http://python.org/sf/1108060 opened by Andrew Bennetts broken link in tkinter docs (2005-01-24) http://python.org/sf/1108490 opened by Ilya Sandler Cookie.py produces invalid code (2005-01-25) http://python.org/sf/1108948 opened by Simon Dahlbacka idle freezes when run over ssh (2005-01-25) http://python.org/sf/1108992 opened by Mark Poolman Time module missing from latest module index (2005-01-25) http://python.org/sf/1109523 opened by Skip Montanaro Need some setup.py sanity (2005-01-25) http://python.org/sf/1109602 opened by Skip Montanaro distutils argument parsing is bogus (2005-01-26) http://python.org/sf/1109659 opened by Anthony Baxter bdist_wininst ignores build_lib from build command (2005-01-26) http://python.org/sf/1109963 opened by Anthony Tuininga Cannot ./configure on FC3 with gcc 3.4.2 (2005-01-26) CLOSED http://python.org/sf/1110007 opened by Paul Watson recursion core dumps (2005-01-26) http://python.org/sf/1110055 opened by Jacob Engelbrecht gzip.GzipFile.flush() does not flush all internal buffers (2005-01-26) http://python.org/sf/1110242 opened by David Schnepper os.environ.update doesn't work (2005-01-27) CLOSED http://python.org/sf/1110478 opened by June Kim list comprehension scope (2005-01-27) CLOSED http://python.org/sf/1110705 opened by Simon Dahlbacka RLock logging mispells success (2005-01-27) CLOSED http://python.org/sf/1110998 opened by Matthew Bogosian csv reader barfs encountering quote when quote_none is set (2005-01-27) http://python.org/sf/100 opened by washington irving tkSimpleDialog broken on MacOS X (Aqua Tk) (2005-01-27) http://python.org/sf/130 opened by Russell Owen Bugs Closed ___ bug with idle's stdout when executing load_source (2005-01-20) http://python.org/sf/1105950 closed by kbk \0 not listed as a valid escape in the lang reference (2005-01-23) http://python.org/sf/1108060 closed by tim_one Undocumented implicit strip() in split(None) string method (2005-01-19) http://python.org/sf/1105286 closed by rhettinger split() takes no keyword arguments (2005-01-21) http://python.org/sf/1106694 closed by rhettinger Cannot ./configure on FC3 with gcc 3.4.2 (2005-01-26) http://python.org/sf/1110007 closed by loewis os.environ.update doesn't work (2005-01-27) http://python.org/sf/1110478 closed by loewis Scripts started with CGIHTTPServer: missing cgi environment (2005-01-11) http://python.org/sf/1100235 closed by loewis list comprehension scope (2005-01-27) http://python.org/sf/1110705 closed by rhettinger RLock logging mispells success (2005-01-27) http://python.org/sf/1110998 closed by bcannon README of 2.4 source download says 2.4a3 (2005-01-20) http://python.org/sf/1106057 closed by loewis New / Reopened RFE __ 'attrmap' function, attrmap(x)['attname'] = x.attname (2005-01-26) http://python.org/sf/1110010 opened by Gregory Smith -- http://mail.python.org/mailman/listinfo/python-list
Re: tk global bindings
Gabriel B. wrote: I'm starting to write a POS application UI's module. There's no mouse, just a bunch of global shortcuts. the problem is that TK doesn't have global shortcuts! Is there a work-around or i will have to attach 80 or so bindings for every input element? In Tk here are three levels of binding: instance binding, class binding, and application binding represented by the bind, bind_class, and bind_all methods. You're probably looking for the the bind_all method, as in self.bind_all(SomeKey, self.onSomeKey) HTH, -- Vincent Wehren Thanks, Gabriel -- http://mail.python.org/mailman/listinfo/python-list
Re: tk global bindings
vincent wehren wrote: Gabriel B. wrote: I'm starting to write a POS application UI's module. In Tk here are three levels of binding: instance binding, class binding, and application binding represented by the bind, bind_class, and bind_all methods. You're probably looking for the the bind_all method, as in self.bind_all(SomeKey, self.onSomeKey) HTH, -- Vincent Wehren Oh and you of course __must__ look at the (recently updated!) New Mexico Tech tkinter document at: http://infohost.nmt.edu/tcc/help/pubs/tkinter.pdf See page 75 and follwing for more info on keyboard bindings... -- Vincent Wehren Thanks, Gabriel -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
[EMAIL PROTECTED] (Alex Martelli) writes: OK then -- vars(type(object)) is a dict which has [[the unbound-method equivalent of]] object.__subclasses__ at its entry for key '__subclasses__'. Scratch 'vars' in addition to 'getattr'. And 'eval' of course, or else building up the string 'object.__subclasses__' (in a way the regex won't catch) then eval'ing it is easy. I dunno, maybe I'm just being pessimistic, I guess... You can defeat the regexp without any builtin besides object: eval(# coding: utf7\n +AG8AYgBqAGUAYwB0AC4AXwBfAHMAdQBiAGMAbABhAHMAcwBlAHMAXwBf-) built-in method __subclasses__ of type object at 0x81010e0 Bernhard -- Intevation GmbH http://intevation.de/ Skencil http://skencil.org/ Thuban http://thuban.intevation.org/ -- http://mail.python.org/mailman/listinfo/python-list
ASPy package
Hello, I have been trying to download ASPy (an old jython package implementing ASP pages support) from the Internet but it is not available anymore from its home page. Does anybody have it and could link it in some public place? Best Regards - Salvador -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Paul Rubin http wrote: An AES or DES addition to an existing module that implements just one call: ECB(key, data, direction) would be a huge improvement over what we have now. A more complete crypto module would have some additional operations, but ECB is the only one that's really essential. I would hate to see a module which only implemented ECB. Sure its the only operation necessary to build the others out of, but its the least secure mode of any block cipher. If you don't offer users a choice, then they'll use ECB and just that along with all its pitfalls, meanwhile thinking that they are secure because they are using AES/DES... For those people following along at home (I'm sure everyone who has contributed to thread knows this already) I tried to find a simple link to why ECB is bad, this PDF is the best I could come up with, via Google's Cache. http://www.google.com/search?q=cache:U5-RsbkSs0MJ:www.cs.chalmers.se/Cs/Grundutb/Kurser/krypto/lect04_4.pdf -- Nick Craig-Wood [EMAIL PROTECTED] -- http://www.craig-wood.com/nick -- http://mail.python.org/mailman/listinfo/python-list
Registration is accepted
Before use read the help The file Jol03.cpl attached to this message posed a potential virus risk to the network and has been removed. If you need to receive a .zip file from an external source, you may request an exception by emailing [EMAIL PROTECTED] Thank you, Risk Mgmt-Info Sec-- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
Alex I dunno, maybe I'm just being pessimistic, I guess... No, I think you are being realistic. I thought one of the basic tenets of computer security was that which is not expressly allowed is forbidden. Any attempt at security that attempts to find and plug the security holes while leaving the basic insecure system intact is almost certainly going to miss something. Skip -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Paul I've had this discussion here before, maybe not with you. What I Paul really want is zero installations of anything. Fine. Go build a sumo distribution and track the normal CPython. The problem isn't all that new. (Take a look at scipy.org for one take on that theme. Of course Linux distros have been doing their take on this forever.) If everyone adopted your position that it wasn't Python unless it had been added to the core, we'd all be reinventing lots of wheels or tackling much less challenging tasks, if we programmed in Python at all. Here's an incomplete list of stuff not in the core I have used happily over the past several years to do my jobs using Python: Paul That makes no sense at all. That list is a list of programs Paul written in the Python language. They are Python programs, where Paul Python is an adjective. No, many of them are just modules or programming frameworks. * SpamBayes Paul I have the impression this is an application and not a module, Yes, you're correct. * Quixote Paul Don't know what this is. Web app framework. * Docutils Paul Should be in the core if it's what I think it is. Probably will be someday. * MoinMoin Paul Application, should be separate. Also, GPL'd, I think. Can't be Paul distributed under PSF license. Sure. * Psyco Paul I think this isn't ready for prime time yet. Should go into the Paul core once it is. It's getting close for those of us with Intel chips in our boxes. * PyInline Paul Not sure what this is. A module for inlining C code within a Python module. Also see Weave from the scipy.org folks. It was inspired by the Perl Inline::C module. * PyGTK Paul wxPython might be a better choice. Doesn't matter. At work they decreed GTK as the GUI platform long before I came along (they also use gtkmm for C++ apps). It's still an example of a broadly useful package available outside the core distribution. * xmlrpclib before it was in the core Paul 1. Did you really need this, instead of some more reasonable rpc Paulformat? Yes, for several years I used a homegrown RPC solution behind the Musi-Cal website that was Python only. Eventually Mojam (a Perl shop) bought Musi-Cal (a Python shop). I switched to XML-RPC with little effort. At one point we also had Java talking XML-RPC. Paul xdrlib has been in the core forever. Sure. But it's somewhat lower level than XML-RPC and isn't really an RPC protocol. It's just a marshalling protocol and is probably not as flexible as XML-RPC at that. Paul 2. Isn't xmlrpclib written in Python? Yes. The implementation language is just a detail. I also use Fredrik Lundh's sgmlop library to accelerate XML-RPC and play some other games when I know I'm talking Python-to-Python (marshal my args, then XML-RPC the result passing a single argument between the client and server). * MAL's mx.DateTime before the core datetime module was available Paul See, as Python improved, those things went into the core. Sure, than that's what Martin has been trying to tell you about your AES proposal. Put it out there, refine it, and get it into the core when it's mature. * timeout_socket before sockets supported timeouts Paul Could you use sigalarm instead? I suppose. That's not the point though. I'm not married to the concept as you seem to be that something has to be in the core distribution to be of use to me. I'm perfectly happy incorporating solutions other people provide. I believe you will find I am in the majority in this regard. Many of those things I could never have written myself, either for lack of time, lack of skill or both. I'm grateful they were available when I needed them and feel no qualms about using them even though they are not distributed with Python proper. Paul Sure, it's fine if you have all those modules and you write a Paul Python program that uses, say, five of them. External modules Paul aren't so bad when the developer and the end user are the same Paul person. What happens if you send your Python program to a Paul nonprogrammer friend who has just a vanilla Python installation? I figure out some other packaging solution. In my world most of the software I write is for my employer, so this is not a problem I face very often. People use freeze, py2exe, py2app or other packaging solutions to solve most/all of these problems. Paul Now he has to download and install those five modules too. You Paul send him the url's where you got the modules a year ago. What are Paul the chances that the 5 url's even all still work, much less the Paul chance of him being able to install and run all 5 of the modules Paul without needing help? What if the versions he downloads (from Paul separate developers) have gotten out of sync with each
Re: Marketing reST (was Re: What YAML engine do you use?)
Aahz wrote: While I can see how you'd get that impression of reST, it's not true: like Python, reST is intended to be simpl*er* and readable, but not simple. The joy of reST is that I can concentrate on writing instead of formatting, just as I do when writing Usenet posts. ;-) Even after using reST for a long time, I'm still constantly looking up features that I use rarely (such as correct formatting of URLs). But reST is great because it's relatively unobtrusive. Those of us who've used reST to document code for a long time have gotten into the habit of using some reST-isms even when not writing reST: have you noticed the number of Pythonistas who use constructs like ``foo()``? Even if you didn't know it was from reST, the meaning is obvious. And this is the core of it for me too (if you want simple, use Word). Roundup's documentation__ (in particular the `Customisation Doc`__ which is now huge) is entirely written in reST. It uses a fraction of the total pool of reST constructs, but I believe the end result is perfectly legible. I also tend to write in reST style when composing emails (a biggie for me is starting examples with ::). Anyway, some sample Roundup docs: __ http://roundup.sourceforge.net/doc-0.8/index.html __ http://roundup.sourceforge.net/doc-0.8/customizing.html As you say, reST can/does get messy when you're doing complicated things, but it stays more readable than XML/DocBook. Indeed - I chose to use reST for Roundup's documentation for two very important reasons: 1. lower the barrier for me to write the docs - and I am *really* happy with how current the Roundup docs stay, because I don't feel like actually writing them is a pain, as opposed to any sort of Markup Language format, and 2. the first contributor of docs suggested it, and I've had several contributors since. It's easier for contributors to write for Roundup's documentation - even if they don't get the reST markup correct, it's trivial to fix. This is less the case with a Markup Language. Richard -- http://mail.python.org/mailman/listinfo/python-list
Re: Description Field in WinXP Services
ChangeServiceConfig2 is the api functions that sets the description, but it's not in the win32service module (yet). Roger rbt [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] How does one associate a Description with a Windows service written in Python? I've just started experimenting with Python services. Here's my code... copied straight from Mr. Hammond's Python Programming on Win32: import win32serviceutil import win32service import win32event class test_py_service(win32serviceutil.ServiceFramework): _svc_name_ = test_py_service ## Tried the following to no avail. _svc_description_ = Test written by Brad _svc_display_name_ = Test Python Service def __init__(self, args): win32serviceutil.ServiceFramework.__init__(self, args) self.hWaitStop = win32event.CreateEvent(None, 0, 0, None) def SvcStop(self): self.ReportServiceStatus(win32service.SERVICE_STOP_PENDING) win32event.SetEvent(self.hWaitStop) def SvcDoRun(self): win32event.WaitForSingleObject(self.hWaitStop, win32event.INFINITE) if __name__ == '__main__': win32serviceutil.HandleCommandLine(test_py_service) == Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News== http://www.newsfeeds.com The #1 Newsgroup Service in the World! 100,000 Newsgroups ---= East/West-Coast Server Farms - Total Privacy via Encryption =--- -- http://mail.python.org/mailman/listinfo/python-list
re: Marketing reST (was Re: What YAML engine do you use
Aahz writes - While I can see how you'd get that impression of reST, it's not true: like Python, reST is intended to be simpl*er* and readable, but not simple. Really? ;) Thanks for taking this one on. I was tempted. But scared ;) I find reST quite useful. Not a very sophisticated way to judge something designed to be useful. but the best I can do. Art -- http://mail.python.org/mailman/listinfo/python-list
scope rules in nested functions
Hello, I was writing a program which used some nested functions, and came across a behaviour which I was unable to explain. I can summarise it with the example below: #!/usr/bin/env python def evalfunction0(a): print Call by eval - Success! arg =,a def evalfunction3(a): def evalfunction1(a): string = evalfunction0(a+1) eval(string) def evalfunction2(a): string = evalfunction1(a+1) eval(string) # uncomment the next line to make the PREVIOUS line work! #evalfunction1(-1) string = evalfunction2(a+1) eval(string) def callfunction0(a): print Function call - Success! arg =,a def callfunction3(a): def callfunction1(a): callfunction0(a+1) def callfunction2(a): callfunction1(a+1) callfunction2(a+1) callfunction3(0) evalfunction3(0) What I see (although I've only been able to test it in Python version 2.3 so far) is that the eval() call in evalfunction2, is unable to resolve the symbol name evalfunction1 - even though it would be possible to call that function directly. But it is even stranger to me that, if evalfunction1() is called directly, then calling that function using eval() from the same function also works. I had previously assumed that the symbols available to eval() would be the symbols available as literals, but it seems not. Is this a designed feature, and if so would somebody be kind enough to describe why it occurs? More practically, if there are a large number of functions at the same nesting level as evalfunction1(), is it possible for me to allow evalfunction2() to access all of them without explicitly naming each one as a literal? Thanks, Andrew -- --- Andrew Collier To reply by email, please use: http://www.intensity.org.uk/ ---'andrew {at} intensity.org.uk' -- Have you lost your Marbles? http://www.marillion.com/ -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
Skip Montanaro [EMAIL PROTECTED] wrote: Alex I dunno, maybe I'm just being pessimistic, I guess... No, I think you are being realistic. I thought one of the basic tenets of computer security was that which is not expressly allowed is forbidden. Any attempt at security that attempts to find and plug the security holes while leaving the basic insecure system intact is almost certainly going to miss something. I guess security is drastically different from all other programming spheres because you DO have an adversary, who you should presume to be at least as clever as you are. In most tasks, good enough is good enough and paranoia doesn't pay; when an adversary IS there, only the paranoid survive...;-) Alex -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine (WAS: Another scripting language implemented into Python itself?)
Steven Bethard wrote: Fuzzyman wrote: Cameron Laird wrote: [snip..] This is a serious issue. It's also one that brings Tcl, mentioned several times in this thread, back into focus. Tcl presents the notion of safe interpreter, that is, a sub- ordinate virtual machine which can interpret only specific commands. It's a thrillingly powerful and correct solution to the main problem Jeff and others have described. A better (and of course *vastly* more powerful but unfortunately only a dream ;-) is a similarly limited python virutal machine. Yeah, I think there are a lot of people out there who would like something like this, but it's not quite clear how to go about it. If you search Google Groups, there are a lot of examples of how you can use Python's object introspection to retrieve unsafe functions. I wish there was a way to, say, exec something with no builtins and with import disabled, so you would have to specify all the available bindings, e.g.: exec user_code in dict(ClassA=ClassA, ClassB=ClassB) but I suspect that even this wouldn't really solve the problem, because you can do things like: py class ClassA(object): ... pass ... py object, = ClassA.__bases__ py object type 'object' py int = object.__subclasses__()[2] py int type 'int' so you can retrieve a lot of the builtins. I don't know how to retrieve __import__ this way, but as soon as you figure that out, you can then do pretty much anything you want to. Steve Wouldn't it be better to attach to all code objets some kind of access right marker and to create an opcode that calls a function while reducing the access rights ? After all, security would be easier to achieve if you prevented the execution of all the dangerous code rather than trying to hide all the entry points to it. -- http://mail.python.org/mailman/listinfo/python-list
bound vs unbound functions
I'm trying to do metaprogramming. I'm sure I've got this all wrong wrong wrong, but somehow my approach hasn't yet hit a brick wall. Anyway, I'd like to dynamically add a method to an instance at instantiation time. Something like ## In [71]: class quux(object): : def __init__(self,stuff): : template = def foo(self,b): print b + %s % stuff : exec(template) : self.bazz = foo : In [72]: q = quux(5) In [73]: q.bazz(4) --- TypeError Traceback (most recent call last) /Users/tobis/PyNSol/console TypeError: foo() takes exactly 2 arguments (1 given) In [74]: q.bazz(not much,4) 9 So the straightforward question is why, even though bazz is a method of class quux, it doesn't have that extra call parameter 'self'. Is this a problem? If I actually need a reference to self is it OK to do: In [76]: q.bazz(q,4) ? The more vague question is why do people despise 'exec', and how should I do this sort of thing instead? mt PS - any idea how to get past google's stupid formatting these days? I thought they were supposed to like python, but they just ignore leading blanks. -- http://mail.python.org/mailman/listinfo/python-list
Re: bound vs unbound functions
Michael Tobis wrote: Anyway, I'd like to dynamically add a method to an instance at instantiation time. Something like Nearly identical question from yesterday and a series of answers: http://mail.python.org/pipermail/python-list/2005-January/263024.html Steve -- http://mail.python.org/mailman/listinfo/python-list
[perl-python] sending email
# -*- coding: utf-8 -*- # Python # Suppose you want to spam your friend, and you have lots of # friends. The solution is to write a program to do it. After a gander # at python docs, one easily found the module for the job. # see http://python.org/doc/2.3.4/lib/SMTP-example.html # the code is a bit long with the command line, but the key lies at # the bottom four lines. The gist is this: import smtplib smtpServer='smtp.yourdomain.com'; fromAddr='[EMAIL PROTECTED]'; toAddr='[EMAIL PROTECTED]'; text='''Subject: newfound love Hi friend, long time no write, i have a new manifesto i think it would be of interest for you to peruse. ... ''' server = smtplib.SMTP(smtpServer) server.set_debuglevel(1) server.sendmail(fromAddr, toAddr, text) server.quit() # save this file as x.py and run it. # it should send out the mail. # the set_debuglevel() is nice because you see all the interactions # with the smtp server. Useful when you want to see what's going on # with a smtp server. - in Perl, there are not just one, two, or 3 modules that does the job, each with slight problems. Here's how the situation stands as of 2001 March: For Perl libraries that deals with RFC 821, I personally know of three: * Mail::Mailer. Mentioned in most Perl books. Written or maintained by Graham Barr. * Mail::Send, maintained by Graham Barr , originally written by Tim Bunce. * Mail::Sendmail by Milivoj Ivkovic. The first two has glaring problems. I'm sorry i forgot what they are. I think Mail::Mailer has a bug on the from field. i.e. it ignores what you gave. I'm currently using Mail::Sendmail, and according to a ex-colleague, it has problems with some DNS mail exchange entries. for some discussion of the plethora of Perl mail modules and their short-cummings, see http://alma.ch/perl/mail.htm Xah [EMAIL PROTECTED] http://xahlee.org/PageTwo_dir/more.html -- http://mail.python.org/mailman/listinfo/python-list
Proxy
is it possible to connect to somewhere through a proxy while using sockets module of Python to connect? If yes can you show me some basic examples? regards Do you Yahoo!? Yahoo! Search presents - Jib Jab's 'Second Term'-- http://mail.python.org/mailman/listinfo/python-list
Re: Description Field in WinXP Services
Roger Upole wrote: ChangeServiceConfig2 is the api functions that sets the description, but it's not in the win32service module (yet). Roger OK, I can use _winreg to add the 'Description' field under the appropriate registry key. -- http://mail.python.org/mailman/listinfo/python-list
naive doc question
Is it just me that can't find a full reference in the docs? I wanted a list of all the methods of dict for example... where can i find it? Thanks, and sorry if this question is just dumb, i really can't find it -- http://mail.python.org/mailman/listinfo/python-list
Re: naive doc question
Gabriel B. said unto the world upon 2005-01-29 19:38: Is it just me that can't find a full reference in the docs? I wanted a list of all the methods of dict for example... where can i find it? Thanks, and sorry if this question is just dumb, i really can't find it It's just you ;-) Try the Library Reference, section 2.3.8 Mapping Types. (Perhaps confusing to a newcomer, but Pythons dicts are, as yet, its only standard mapping types, mapping being the general comp sci concept.) Best, Brian vdB -- http://mail.python.org/mailman/listinfo/python-list
Re: naive doc question
i.e., http://docs.python.org/lib/typesmapping.html -- http://mail.python.org/mailman/listinfo/python-list
tutorial idea
have a java applet that runs python code, with a tutorial that goes along with it. that way you just have to go to a website to learn it, instead of downloading and installing a few programs. (i would make it so it assumes that you don't know how to program anything.) -- http://mail.python.org/mailman/listinfo/python-list
cx_freeze error
I am new to Python. I made a script, and compiled it with cx_freeze, but I got the following message from it: [cxfreeze]$./FreezePython hello.py Traceback (most recent call last): File initscripts/ConsoleKeepPath.py, line 15, in ? exec code in m.__dict__ File FreezePython.py, line 1, in ? File optparse.py, line 72, in ? File textwrap.py, line 32, in ? File textwrap.py, line 81, in TextWrapper AttributeError: 'module' object has no attribute 'compile' Does anyone know what I should do ? Thanks -- http://mail.python.org/mailman/listinfo/python-list
{Spam?} Re: bound vs unbound functions
Michael Tobis [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I'd like to dynamically add a method to an instance at instantiation time. No can do. A method is function that is an attribute of a class, even if accessed via an instance. A function added to an instance as an attribute of the instance remains a function. It is instance-specific data that methods and other code can use, just like other instance data, for instance-specific effects. Two common examples: class composer: # skip obvious init def __call__(self, x): return self.outer(self.inner(x)) sincos = composer(math.sin, math.cos) # yes, this can also be done with composer function with nested scope class memoizer: # posted several times # skip init again def __call__(self,x): # return previously computed self.memodict[x] if it exists # or calculate, store, and return self.func(x) \ PS - any idea how to get past google's stupid formatting these days? I thought they were supposed to like python, but they just ignore leading blanks. Don't use google to post on clp. Go to news.gmane.org instead. Terry J. Reedy -- http://mail.python.org/mailman/listinfo/python-list
Re: tutorial idea
ElctrcElctrcgtr1 wrote: have a java applet that runs python code, with a tutorial that goes along with it. that way you just have to go to a website to learn it, instead of downloading and installing a few programs. (i would make it so it assumes that you don't know how to program anything.) Something like this? http://tams-www.informatik.uni-hamburg.de/applets/jython/demo.html Well, without the assumption of not knowing how to program :) Cheers, Nick. -- Nick Coghlan | [EMAIL PROTECTED] | Brisbane, Australia --- http://boredomandlaziness.skystorm.net -- http://mail.python.org/mailman/listinfo/python-list
Re: naive doc question
Michael Hartl [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] i.e., http://docs.python.org/lib/typesmapping.html If you look on the index page of the Python Library Reference (http://docs.python.org/lib/genindex.html), you will find dictionary object, which will take you exactly to the page above. -- http://mail.python.org/mailman/listinfo/python-list
Re: Hey, get this! [was: import from database]
Peter Otten wrote: Steve Holden wrote: This is even stranger: it makes it if I import the module a second time: [second import seems to succeed] Maybe you are experiencing some version confusion? What you describe looks much like the normal Python 2.3 behaviour (with no import hook involved) whereas you seem to operate on the 2.4 library. A partially initialized module object is left behind in sys.modules and seen by further import attempts. I agree that this is 2.3-like behavior, but Python cannot lie ... [EMAIL PROTECTED] ~/Projects/Python/dbimp $ python Python 2.4 (#1, Dec 4 2004, 20:10:33) [GCC 3.3.3 (cygwin special)] on cygwin Type help, copyright, credits or license for more information. $ cat arbitrary.py import not_there def f(): print you ain't gonna see that $ python Python 2.3.3 (#1, Apr 6 2004, 01:47:39) [GCC 3.3.3 (SuSE Linux)] on linux2 Type help, copyright, credits or license for more information. import arbitrary Traceback (most recent call last): File stdin, line 1, in ? File arbitrary.py, line 2, in ? import not_there ImportError: No module named not_there import arbitrary arbitrary.f() Traceback (most recent call last): File stdin, line 1, in ? AttributeError: 'module' object has no attribute 'f' I have no experience with import hooks, but for normal imports that has been fixed in Python 2.4: $ py24 Python 2.4 (#5, Jan 4 2005, 10:14:01) [GCC 3.3.3 (SuSE Linux)] on linux2 Type help, copyright, credits or license for more information. import arbitrary Traceback (most recent call last): File stdin, line 1, in ? File arbitrary.py, line 2, in ? import not_there ImportError: No module named not_there import arbitrary Traceback (most recent call last): File stdin, line 1, in ? File arbitrary.py, line 2, in ? import not_there ImportError: No module named not_there Peter $ cat arbitrary.py import not_there def f(): print you ain't gonna see that [EMAIL PROTECTED] ~/Projects/Python/dbimp $ python Python 2.4 (#1, Dec 4 2004, 20:10:33) [GCC 3.3.3 (cygwin special)] on cygwin Type help, copyright, credits or license for more information. import arbitrary Traceback (most recent call last): File stdin, line 1, in ? File arbitrary.py, line 1, in ? import not_there ImportError: No module named not_there import arbitrary Traceback (most recent call last): File stdin, line 1, in ? File arbitrary.py, line 1, in ? import not_there ImportError: No module named not_there Yup, looks like 2.4 (despite this funny cygwin stuff, could that make a difference). Let me try it under Windows [ferkle, ferkle ...] Does the same thing there. This problem also seems to depend what's already loaded. I wrote a program to write a test program that looks like this: import dbimp dbimp.install() print Trying aifc try: import aifc except: print %Failed: aifc print Trying anydbm try: import anydbm except: print %Failed: anydbm print Trying asynchat try: import asynchat except: print %Failed: asynchat ... import dbimp dbimp.install() print Trying aifc try: import aifc except: print %Failed: aifc print Trying anydbm try: import anydbm except: print %Failed: anydbm print Trying asynchat try: import asynchat except: print %Failed: asynchat The two platforms give expectedly close results. I'm storing compiled code, so a version incompatibility would be a problem, I agree, but I have checked the program that loaded the database, and loaded it again from the Windows source rather than the CygWin source, just to see whether there were any unnoticed platform dependencies. The results were exactly the same using either library, and Windows and Cygwin showed only minor variations. exhaustCyg24.txt:%Failed: bsddb.dbtables exhaustCyg24.txt:%Failed: bsddb.test.test_all exhaustCyg24.txt:%Failed: bsddb.test.test_associate exhaustCyg24.txt:%Failed: bsddb.test.test_basics exhaustCyg24.txt:%Failed: bsddb.test.test_compat exhaustCyg24.txt:%Failed: bsddb.test.test_dbobj exhaustCyg24.txt:%Failed: bsddb.test.test_dbshelve exhaustCyg24.txt:%Failed: bsddb.test.test_dbtables exhaustCyg24.txt:%Failed: bsddb.test.test_env_close exhaustCyg24.txt:%Failed: bsddb.test.test_get_none exhaustCyg24.txt:%Failed: bsddb.test.test_join exhaustCyg24.txt:%Failed: bsddb.test.test_lock exhaustCyg24.txt:%Failed: bsddb.test.test_misc exhaustCyg24.txt:%Failed: bsddb.test.test_queue exhaustCyg24.txt:%Failed: bsddb.test.test_recno exhaustCyg24.txt:%Failed: bsddb.test.test_thread exhaustCyg24.txt:%Failed: tzparse exhaustWin24.txt:%Failed: bsddb.dbtables exhaustWin24.txt:%Failed: bsddb.test.test_all exhaustWin24.txt:%Failed: bsddb.test.test_associate exhaustWin24.txt:%Failed: bsddb.test.test_basics exhaustWin24.txt:%Failed: bsddb.test.test_compat exhaustWin24.txt:%Failed: bsddb.test.test_dbobj exhaustWin24.txt:%Failed: bsddb.test.test_dbshelve exhaustWin24.txt:%Failed: bsddb.test.test_dbtables exhaustWin24.txt:%Failed: bsddb.test.test_env_close
Re: naive doc question
I wouldn't call the responses here helpful; they seem overspecific. I had a similar problem which led to the follwing code. After I came up with this I saw a very similar utility was derived in Dive into Python. see http://diveintopython.org/power_of_introspection/index.html#apihelper.divein Anyway the following is intended as an interactive utility to explore the callables of modules and classes. I always have it imported into my interactive sessions. So import it and try sm(dict) . .# sm() .# showmethods . .def sm(namespace,terse=0,maxchars=300): . . report the callables of a namespace . .returns a nice string representation of the public callables of the .namespace and the first maxchars bytes of their respective docstrings . .if terse, truncates the docstring at the first newline . . . d = namespace.__dict__ . l = [str(x) + \t\t + str(d[x].__doc__)[:maxchars] for x in d.keys() \ .if callable(d[x]) and not x.startswith(_)] . if terse: . l = [x.split(\n)[0] for x in l] . l.sort() . return \n=\n.join(l) -- http://mail.python.org/mailman/listinfo/python-list
{Spam?} Re: naive doc question
Gabriel B. [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] I wanted a list of all the methods of dict for example... where can i find it? Lib Ref 2.3.8 Mapping Types. Do browse chapter 2 so you know what is there. Terry J. Reedy -- http://mail.python.org/mailman/listinfo/python-list
Re: Coding style article with interesting section on white space
[EMAIL PROTECTED] wrote: The suggestions in the cited article, How Not to Write FORTRAN in Any Language, are reasonable but elementary and can be followed in Fortran 90/95/2003 as well as any other language. What infuriates me is that the author writes as if Fortran has not evolved since the 1960s. It has. To be specific, Fortran 90 For myself, I'd be more inclined to say you can write Perl in any language, but the fact that the author used Fortan as his own hated source of unreadable code is beside the point - the entire point of the article is that readability counts, no matter what language you're writing in :) And that's why the article got published in spite of the jabs at Fortran - those jabs served to explain the source of the author's detestation of unreadable code. Anyone taking such an admittedly biased opinion and using it to form an opinion on _current_ Fortan has problems far bigger than a single article. Cheers, Nick. -- Nick Coghlan | [EMAIL PROTECTED] | Brisbane, Australia --- http://boredomandlaziness.skystorm.net -- http://mail.python.org/mailman/listinfo/python-list
Re: limited python virtual machine
Alex Martelli wrote: It didn't seem to me that Steven's question was so restricted; and since he thanked me for my answer (which of course is probably inapplicable to some custom interpreter that's not written yet) it appears to me that my interpretation of his question was correct, and my answer useful to him. Yes, I'd stopped following the thread for a bit, and the discussion had moved further afield than I realised :) If you _can_ execute (whatever) in a separate process, then an approach based on BSD's jail or equivalent features of other OS's may be able to give you all you need, without needing other restrictions to be coded in the interpreter (or whatever else you run in that process). I think that's where these discussion have historically ended. . . making a Python-specific sandbox gets complicated enough that it ends up making more sense to just use an OS-based sandbox that lets you execute arbitrary binaries relatively safely. The last suggestion I recall along these lines was chroot() plus a monitoring daemon that killed the relevant subprocess if it started consuming too much memory or looked like it had got stuck in an infinite loop. Cheers, Nick. -- Nick Coghlan | [EMAIL PROTECTED] | Brisbane, Australia --- http://boredomandlaziness.skystorm.net -- http://mail.python.org/mailman/listinfo/python-list
Re: [perl-python] sending email
I recommend the example in the Python Library Reference as a better example: http://www.python.org/doc/lib/SMTP-example.html. You can also find the entire description of the smtplib module in the same section (http://www.python.org/doc/lib/module-smtplib.html). Xah Lee's example is missing: - The login() call needed by SMTP hosts that require authentication. - The 'From:' and 'To:' addresses in the header of the email. They are not mandatory, but you would probably use them. -- http://mail.python.org/mailman/listinfo/python-list
Re: Description Field in WinXP Services
rbt wrote: Roger Upole wrote: ChangeServiceConfig2 is the api functions that sets the description, but it's not in the win32service module (yet). Roger OK, I can use _winreg to add the 'Description' field under the appropriate registry key. Here's an example of it... kludgey but it works ;) from _winreg import * import time def Svc_Description(): try: key_location = rSYSTEM\CurrentControlSet\Services\test_py_service svc_key = OpenKey(HKEY_LOCAL_MACHINE, key_location, 0, KEY_ALL_ACCESS) SetValueEx(svc_key,'Description',0,REG_SZ,uBrad's Test Python Service) CloseKey(svc_key) except Exception, e: print e Svc_Description() time.sleep(10) -- http://mail.python.org/mailman/listinfo/python-list
[Tkinter] problem
when i start opt_newlogin.py directly it works fine(outputs '1 1 1 1'), but if i start it from options.py there is an error(outputs ''). opt_newlogin.py from config import * from Tkinter import * from opt_newlogin import newlogin def OptionsWindow(): root = Tk() root.title(msg_OptionsWindowTitle) b1 = Button(root, text = msgForgotPassword, width = 40).grid(padx = 5, pady = 5, column = 0, row = 0) b2 = Button(root, text = msgNewLogin, command = newlogin, width = 40).grid(padx = 5, pady = 5, column = 0, row = 1) root.mainloop() if __name__ == '__main__': OptionsWindow() options.py from config import * from Tkinter import * import tkMessageBox, os.path def create_new_account(login, password, secretq, secreta): print login, password, secretq, secreta if os.path.exists(os.path.join(data_path, login)): tkMessageBox.showerror(title = msgError, message = msgPasswordLoginExists) elif login == '': pass else: os.mkdir(os.path.join(data_path, login)) fd = file(os.path.join(data_path, login, data_info_file_name), 'wb') fd.write(password + os.linesep) fd.write(secretq + os.linesep) fd.write(secreta + os.linesep) fd.close() tkMessageBox.showinfo(title = msgInfoAccountCreated, message = msgInfoAccountCreated2) def newlogin(): root = Tk() root.title(msg_NewLoginWindowTitle) l1 = Label(root, text = msgLogin).grid(padx = 5, pady = 5, column = 0, row = 0, sticky = E) l2 = Label(root, text = msgPassword).grid(padx = 5, pady = 5, column = 0, row = 1, sticky = E) l3 = Label(root, text = msgConfirmPassword).grid(padx = 5, pady = 5, column = 0, row = 2, sticky = E) l4 = Message(root, text = msgKeyQuestion, width = 250).grid(padx = 5, pady = 5, column = 0, row = 3, sticky = E) l5 = Label(root, text = msgKeyQuestionAnswer).grid(padx = 5, pady = 5, column = 0, row = 4, sticky = E) v1 = StringVar() v2 = StringVar() v3 = StringVar() v4 = StringVar() v5 = StringVar() e1 = Entry(root, width = 50, textvariable = v1) e1.grid(padx = 5, pady = 5, column = 1, row = 0) e1.focus_force() e2 = Entry(root, width = 50, textvariable = v2, show = '*') e2.grid(padx = 5, pady = 5, column = 1, row = 1) e3 = Entry(root, width = 50, textvariable = v3, show = '*') e3.grid(padx = 5, pady = 5, column = 1, row = 2) e4 = Entry(root, width = 50, textvariable = v4) e4.grid(padx = 5, pady = 5, column = 1, row = 3) e5 = Entry(root, width = 50, textvariable = v5, show = '*') e5.grid(padx = 5, pady = 5, column = 1, row = 4) def b1_cmd(): if v2.get() v3.get(): tkMessageBox.showerror(title = msgError, message = msgPasswordConfirmError) print v1.get(), v2.get(), v4.get(), v5.get() create_new_account(v1.get(), v2.get(), v4.get(), v5.get()) b1 = Button(root, text = msgCreateNewLoginButton, command = b1_cmd).grid(padx = 5, pady = 5, column = 0, row = 5) b2 = Button(root, text = msgCancelButton, command = root.destroy).grid(padx = 5, pady = 5, column = 1, row = 5) root.mainloop() if __name__ == '__main__': newlogin() config.py # codepage = cp1251 # # # def u(s): return unicode(s, 'cp1251') msgMainWindowTitle = u(' B 4\\2') msgLogin= u('') msgPassword = u('') msgGameNumber = u(' ') msgSaveButton = u('') msgLoadButton = u('') msgOptionsButton= u('') msg_OptionsWindowTitle = u('') msgForgotPassword = u(' ') msgNewLogin = u(' ') msg_NewLoginWindowTitle = u(' ') msgConfirmPassword = u(' ') msgKeyQuestion = u(' - - ,') msgKeyQuestionAnswer= u(' ') msgCreateNewLoginButton = u('') msgCancelButton = u('') msgError= u('') msgPasswordConfirmError = u(' .') msgPasswordLoginExists = u(' .') msgInfoAccountCreated = u(' ') msgInfoAccountCreated2 = u(' .') msgInvalidGameNumber= u(' .') msgInvalidPassword = u(' .') msgInvalidLogin = u(' .') msgSaveError= u(' .') msgSuccess = u('') msgSuccessCopy = u(' ,.') data_path = '192.168.1.1' data_info_file_name = 'info' info_path = 'info' -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Martin v. Löwis [EMAIL PROTECTED] writes: Apparently, people disagree on what precisely the API should be. E.g. cryptkit has obj = aes(key) obj.encrypt(data) I don't disagree about the API. The cryptkit way is better than ECB example I gave, but the ECB example shows it's possible to do it in one call. I think I would prefer explicit encrypt/decrypt methods over a direction parameter. Whether or not selection of mode is a separate parameter, or a separate method, might be debatable I prefer separate methods too, however if it was done with a direction flag instead, it wouldn't really cause a problem. As long as the functionality is there, I can use it. I would trust my intuition more for a single function than for an entire API. In this specific proposal, I think I would trust my intuition and reject the ECB function because of the direction argument. As an experienced user of a lot of these packages, I can tell you I've seen it done both ways and I have a slight preference for separate calls, but it really doesn't matter one way or the other and it's not worth getting in a debate about it or having a committee design the API and worry about such trivial issues. BTW, the main reason to reject the example ECB function is that creating a key object (key schedule) from a string can take significant computation (sort of like compiling a regexp) so the ECB function for some ciphers would have to cache the object like the regexp module does. Yuck. The direction flag question would normally be between: key = aes.key(key_data) ciphertext = key(plaintext, e) or key = aes.key(key_data) ciphertext = key.encrypt(plaintext) FWIW, another way to do it, also sometimes preferable, is: key = aes.ecb(key_data, e) # e for encryption, or d for decryption ciphertext = key(plaintext) I think the module I proposed did it this last way, but I haven't looked at it in a while. The point is that when faced with yet another crypto package, I don't get in too concerned about which simple API variant it uses to do such a basic operation. I just care that the operation is available. I look in the docs to find that package's particular API for that operation, and I do what the docs say. I should make it clear that this module is like Python's low-level thread module in that you have to know what you're doing in order to use it directly without instantly getting in deep trouble. Most applications would instead use it indirectly through one or more intermediate layers. I fully understand what you desire - to include the module as a battery. What makes this decision difficult is that you fail to understand that I don't want included batteries so much that I would accept empty or leaking batteries. I do understand that, and the prospect of empty or leaking batteries is vitally important to considering whether to include a battery that's included, but for the purposes of an included-battery discussion, the characteristics of NON-included batteries is not relevant, given that we know they exist. http://sourceforge.net/projects/cryptkit/ ... I've examined that module, I wouldn't consider it ideal for the core (besides AES, it has some complicated additional functions that aren't useful to most people) Ok, that would be a problem. If this is a simple removal of functions that you'ld request (which functions?), OK. First you have to decide whether you want a general crypto toolkit, or just an AES module. I've been concentrating on just an AES module (or rather, a generic block cipher module with AES and DES) since I figure that creates fewer areas of controversy, etc. I think it's too early to standardize a fancy toolkit. Once there's block ciphers, we can think about adding more stuff afterwards. For that module, I'd say remove everything except AES and maybe SHA256, and ask that DES be added. SHA256 is possibly useful, but isn't really part of an encryption package; it can be separated out like the existing sha and md5 modules. Also, it should be brought into PEP 247 compliance if it's not already. Rationale: I'd get rid of the entropy module now that os.urandom is available. Having the OS provide entropy is much better than trying to do it in user code. I'd get rid of the elliptic curve stuff unless there's some widely used standard or protocol that needs that particular implementation. Otherwise, if I want ECC in a Python program, I'd just do it on characteristic-p curves in pure Python using Python longs. (Bryan's package uses characteristic-2 curves which means the arithmetic is all boolean operations, that are more efficient on binary CPU's, especially small ones. But that means the module has to be written in C, because doing all those boolean operations in Python is quite slow. It would be like trying to do multi-precision arithmetic in Python with Python ints instead of longs). Once there's a widely accepted standard for ECC like there is
Re: What's so funny? WAS Re: rotor replacement
Martin v. Löwis [EMAIL PROTECTED] writes: mxCrypto is primarily unsuitable for the core because Marc-Andre Lemburg will never ever contribute it. He is very concerned about including crypto code with the Python distribution, so he certainly won't contribute his own. Oh wait, I confused mxcrypto and m2crypto. Sorry. Anyway, the technical considerations are similar. -- http://mail.python.org/mailman/listinfo/python-list
is this sort method the same as the one in python 2.4
I'm trying to emulate the sorted() method introduced in python 2.4. The only difference is that it takes a sequence as one of its arguments rather than being a method of the sequence class. Does my method do the same as the sorted()? The obvious difference is that my method is called as sort(seq, cmp, key, reverse) rather than seq.sorted(cmp, key, reverse) def sort(seq, cmp=None, key=None, reverse=False): return a sorted copy of its input if sys.version_info (2,4): return sorted(seq, cmp, key, reverse) if key: toreturn = [ (key(elt), elt) for elt in seq ] else: toreturn = seq[:] if cmp: toreturn.sort(cmp) else: toreturn.sort() if key: toreturn = [ b for (a,b) in toreturn ] if reverse: toreturn.reverse() return toreturn Lowell -- http://mail.python.org/mailman/listinfo/python-list
Re: What's so funny? WAS Re: rotor replacement
Nick Craig-Wood [EMAIL PROTECTED] writes: I would hate to see a module which only implemented ECB. Sure its the only operation necessary to build the others out of, but its the least secure mode of any block cipher. It's intended as a building block for other modes. Most applications shouldn't use it directly. If you don't offer users a choice, then they'll use ECB and just that along with all its pitfalls, meanwhile thinking that they are secure because they are using AES/DES... The documentation has to be written somewhat forcefully to tell users what not to do. I can help with that. I've had to do that a lot, supporting crypto packages in projects where the other programmers haven't used crypto very much. -- http://mail.python.org/mailman/listinfo/python-list
Re: Coding style article with interesting section on white space
(unwisely taking the bait...) If you like your language to look like this http://www.cs.rpi.edu/~szymansk/OOF90/bugs.html then more power to you. I prefer my languages to be portable, terse and expressive. That's why I like Python. If you want your language to be obscure, ill-defined and inconsistent across platforms, by all means go to comp.lang.fortran . There is no fundamental reason why a language with expressive power much like Python's cannot have run-time performance comparable to Fortran's. Unfortunately, Fortran's dominance of the relatively small scientific computation universe has prevented such a language from emerging. The solutions which interest me in the short run are 1) writing a code generation layer from Python to a compiled language (possibly F77 though I will try to get away with C) and 2) wrapping legacy Fortran in Python. The latter is quite regularly subverted by non-standard binary data structures across compilers and a pretty profound disinterest in interoperability by the people designing the Fortran standard that makes their interest look more like turf protection and less like an interest in the progress of science. In the long run, hopefully a high-performance language that has significant capacity for abstraction and introspection will emerge. People keep trying various ways to coax Python into that role. Maybe it will work, or maybe a fresh start is needed. Awkwardly bolting even more conetmporary concepts onto Fortran is not going to achieve bringing computational science up to date. Python fundamentally respects the programmer. Fortran started from a point of respecting only the machine, (which is why Fortrans up to F77, having a well-defined objective, were reasonable) but now it is a motley collection of half-baked and confusing compromises between runtime performance, backward compatibility, and awkward efforts at keeping up with trends in computer languages. So-called object oriented Fortran makes the most baroque Java look elegant and expressive. For more see http://www.fortranstatement.com Language matters. You can't really write Python in any language. mt -- http://mail.python.org/mailman/listinfo/python-list
Re: cx_freeze error
[EMAIL PROTECTED] wrote: I am new to Python. I made a script, and compiled it with cx_freeze, but I got the following message from it: [cxfreeze]$./FreezePython hello.py Traceback (most recent call last): File initscripts/ConsoleKeepPath.py, line 15, in ? exec code in m.__dict__ File FreezePython.py, line 1, in ? File optparse.py, line 72, in ? File textwrap.py, line 32, in ? File textwrap.py, line 81, in TextWrapper AttributeError: 'module' object has no attribute 'compile' Does anyone know what I should do ? Possibly do not use the name re.py for your own module, as it is the name of a standard library module as well. At least, that's what an analysis of line 81 of textwrap.py suggests might be your problem. Do you have a module named re.py? -Peter -- http://mail.python.org/mailman/listinfo/python-list
Re: cx_freeze error
There is no any module like re.py, I just compiled the hello.py it has only one line: print hello! Anyone knows how? -- http://mail.python.org/mailman/listinfo/python-list