open == file considered harmful (Re: [Python-Dev] RE: rexec.pyunuseable) (original) (raw)

Luke Kenneth Casson Leighton lkcl at lkcl.net
Wed Dec 17 14:40:32 EST 2003

• Previous message: [Python-Dev] rexec.py unuseable
• Next message: [Python-Dev] Re: rexec.py unuseable
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Are you aware of the original issue, which is that as soon as you have a file instance (which might have been given to you by a very restrictive open() variant), you can always get to the file class using the class attribute? Access to the class attribute is useful for all sorts of reasons.

that is why i am proposing that ACLs be added to every "Entity" in language - functions, modules, attributes etc.

[even if the implementation is such that they aren't actually every-object-in-python-has-another-damn-pointer]

in this way, you would have one ACL on the open() function which restricts it to file-read-only, another ACL on the open.class attribute which would be, for the sake of argument [("all functions", DENY, ABSOLUTELY_EVERYTHING)]

etc.

l.

• Previous message: [Python-Dev] rexec.py unuseable
• Next message: [Python-Dev] Re: rexec.py unuseable
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Python-Dev mailing list