[Python-Dev] Re: Whither rexec? (original) (raw)

M.-A. Lemburg mal@lemburg.com
Thu, 09 Jan 2003 11:42:46 +0100

Guido van Rossum wrote:

If you only want to secure a few objects, then mxProxy can help you with this: it allows access management at C level on a per-method basis and also via callbacks...

http://www.egenix.com/files/python/mxProxy.html Zope3 has a similar proxy feature. But I think that the safety of proxies still relies on there not being backdoors, and the new-style class code has added too many of those.

mxProxy stores a reference to the object in a C Proxy object and then manages access to this object through the Proxy methods and attributes. Provided that no other reference to the wrapped Python object exist in the interpreter, the only way to get at the object is via hacking the C code, ie. by using a special extension which knows how to extract the C pointer to the object from the Proxy object.

Now, the Proxy object knows that e.g. bound methods of the object contain a reference to the object itself and rewraps the method in a way which hides the pointer to self. I don't know whether the new class code has added more backdoors of this kind. If so, I'd appreciate some details or references, so that I can add support for these to mxProxy as well.

More on this thread later, when I have more bandwidth to deal with it.

Ok.

-- Marc-Andre Lemburg CEO eGenix.com Software GmbH

eGenix.com -- Makers of the Python mx Extensions: mxDateTime,mxODBC,... Python Consulting: http://www.egenix.com/ Python Software: http://www.egenix.com/files/python/