Here is an example class: from datetime import datetime class Article: published = datetime.now()

Question

0

Asked: June 3, 20262026-06-03T17:00:47+00:00 2026-06-03T17:00:47+00:00

Here is an example class: from datetime import datetime class Article: published = datetime.now()

0

Here is an example class:

from datetime import datetime
class Article:
    published = datetime.now()
    for propname in "year month day hour minute second".split():
        exec "%s = property(lambda self: self.published.%s)"%(propname, propname)
    del propname

As you can see, I’m using exec to optimize the creation of multiple property() objects. I often read that using exec is bad and that it is a security hole in your program. In this case, is it?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-03T17:00:48+00:00

In this case, it’s not really a security threat, since the security threat arises when the executed string is something the user has any kind of access to. In this case, it is a split string literal.

However, even if it’s not a security risk, exec is almost always a poor choice. Why not use getattr and setattr instead?

from datetime import datetime
class Article:
    published = datetime.now()

    def __init__(self):
        for propname in "year month day hour minute second".split():
            setattr(self, propname, getattr(self.published, propname))

One flaw is that this has to be done in the __init__ method, so it depends whether you have a good reason not to include it there.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Here is an example class: from datetime import datetime class Article: published = datetime.now()

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply