Terry Hancock wrote:
ca***********@gmail.com wrote:One of these two ways you're not supposed to use for
security reasons, but I'm spacing on which one.
It's not a question of "security" in the usual sense, but
the first syntax imports a lot of stuff into the current
namespace, increasing the risk of unintentionally clobbering
local names. So it's certainly "riskier" in the sense of
"likely to cause bugs".
There's also the case where the names which are imported are not static.
That is, they are bound to certain objects at the time of the "import
*" but later on they can change. While this is perhaps a sign of design
problems in the imported module, the problem that results is that when
those names are rebound, modules which imported them with "*" still have
the old objects, not the new ones. Using "import module" and
referencing things with "module.name" doesn't suffer from the same
potential for problems (in addition to it being more readable etc).
-Peter