[Python-Dev] In defense of Capabilities [was: doc for new restricted execution design for Python]
Brett Cannon brett at python.org
Sat Jul 8 04:01:27 CEST 2006
On 7/7/06, Nick Coghlan <ncoghlan at gmail.com> wrote:
> Brett Cannon wrote:
> > Good point. C code could circumvent the bit check by doing all of the
> > work behind the scenes without pushing the object on the stack. But if
> > the check is in the C code for the object itself it is much harder to
> > get around.
>
> C code can circumvent the bit check by calling fopen() directly and
> pushing something onto the stack that isn't even recognised by the
> interpreter as a file object :)
Right, but you can take measures to prevent accidental circumvention.
> You have to trust C code completely before importing it, because it has
> access to the platform C library and can do whatever the heck it wants.
Yep.
-Brett