[Python-Dev] rexec.py unuseable

Luke Kenneth Casson Leighton lkcl at lkcl.net
Thu Dec 18 04:29:22 EST 2003


On Wed, Dec 17, 2003 at 10:30:23PM +0100, Martin v. Löwis wrote:

> Luke Kenneth Casson Leighton <lkcl at lkcl.net> writes:
>
> > all i can do is recommend a framework and some guidelines on what
> > conventions could be fitted over that framework.

martin, to clarify: "all i can do" is the wrong preamble phrase. "i would like to" is better. i was trying to be ... self-denigrating, over-careful, something like that.

> originally provided. To prove that, I would need a complete proposal how precisely what ACLs are set on what objects, and how exactly I invoke code for restricted execution (i.e. what API do I call in what order).

what api, in what order, what code is invoked in (inside the python executable), how ACLs are set on what objects, yes.

what acls are set on what objects is conditional on whether i receive funding to do so, or whether some other people can be of significant assistance. why? because there's a lot of them.

what i was trying to say above, "all i can do is recommend a framework" is build up to an idea of adding in a framework, similar to Exceptions, by which ANY generically-defined restriction system can be plugged in to the python language.

the idea being that if no such system is plugged in, the performance penalty on python is insignificant, and no user-code is restricted.

however, this may all turn out to be unnecessary [quote from greg ewing]:

> The spirit behind my suggestion was to start thinking about ways in which functionality could be separated out so that this kind of special-casing for security purposes isn't needed.

so, with the correct codebase reordering, a simple capabilities based system can be added, the problem goes away.

yes?

l.


