Think about it, you slip up with permissions and all of a sudden someone can quite happily do: http://yoursite.com/ealExp?pExp=import os; os.system('rm -rf /') (with a bit of URL encoding ;-) cheers, Chris Josef Meile wrote:

I would like to know what the risks are because I haven't found information about it. Thanks.

...

Wow... where are your servers? I love playing with potentially huge security holes ;-)

Chris