open == file considered harmful (Re: [Python-Dev] RE: rexec.pyunuseable) (original) (raw)
Michael Chermside mcherm at mcherm.com
Thu Dec 18 08:15:24 EST 2003
- Previous message: [Python-Dev] 2.3.3 and beyond
- Next message: open == file considered harmful (Re: [Python-Dev] RE: rexec.pyunuseable)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[Michael Chermside]
... INSTANCES of 'file' and could access f.class. [...] so for restricted code we return something like this:
class FakeFile: def eq(self, other): return other == file
[Guido]
Are you aware of the original issue, which is that as soon as you have a file instance (which might have been given to you by a very restrictive open() variant), you can always get to the file class using the class attribute? Access to the class attribute is useful for all sorts of reasons.
Yes, I'm aware of that issue... in fact that's what I'm trying to address here, but I'm obviously not doing a good job of expressing myself. I was thinking of the restricted code having access to an instance of 'file' named 'myFileInstance'. This instance has peculiar behavior when you access 'myFileInstance.class'. Instead of returning the class object 'file', it returns a class object like 'FakeFile' (which I should have made a subclass of 'type').
This whole plan is based on two misconceptions. The first is that access to class is the only way to use introspection to access things of greater power (like the class) from an instance. It's NOT the only way, I'm just hoping that the others can be fully enumerated (somewhat shaky, but perhaps possible) and can be fixed in similar ways (maybe true). The other misconception (apparently) is that the only real USE for accessing the class attribute is for testing class membership. You said above that it's useful "for all sorts of reasons"... I'm wondering what they are.
And yes... I also realize that there's not a whole lot of difference between an instance which behaves oddly under introspection and one which is wrapped in a proxy. But I realize that providing a secure proxy is somewhat difficult and I'm wondering if the other approach is more useful.
[Guido]
Yes, even for 3.0 this is still a dream...
True enough. So feel free to just drop the issue if you've got better (ie, more immediate) things to spend your time on. I wouldn't want to see you get a pie by default because there wasn't time to complete a test suite!
-- Michael Chermside
- Previous message: [Python-Dev] 2.3.3 and beyond
- Next message: open == file considered harmful (Re: [Python-Dev] RE: rexec.pyunuseable)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]