[Python-Dev] capabilities & proxies (python-dev Summary for 2003-03-01 through 2003-03-15) (original) (raw)

M.-A. Lemburg mal@lemburg.com
Tue, 18 Mar 2003 11:27:14 +0100

Ben Laurie wrote:

Brett Cannon wrote:

Capabilities can loosely be thought of like bound methods. Security with capabilities is done based on possession; if you hold a reference to an object you can use that object. This confusion is my fault: I just happened to like using bound methods as the basis for capabilities, but objects can also be used, so long as access to them is appropriately restricted. This is explained in detail in the PEP I am writing (with help from others, I should note). Proxies are a wrapper around objects that restrict access to the object. This restriction extends all the way to the core; even core code can't get access to parts of a proxied object that it doesn't want any object to get a hold of. Its not clear to me what you mean by "core code" - certainly anything written in C can slice through a proxy without any problems (or, indeed, a capability).

That's certainly true...

BTW, just in case you aren't aware of it, mxProxy implements pretty much what Brett summarized here for proxies. You may want to have a look.

-- Marc-Andre Lemburg eGenix.com

Professional Python Software directly from the Source (#1, Mar 18 2003)

Python/Zope Products & Consulting ... http://www.egenix.com/ mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/

Python UK 2003, Oxford: 14 days left EuroPython 2003, Charleroi, Belgium: 98 days left