[Python-Dev] Re: Capabilities - published interfaces (original) (raw)

Luke Kenneth Casson Leighton lkcl at lkcl.net
Sat Dec 20 10:30:22 EST 2003

On Sat, Dec 20, 2003 at 10:16:29AM -0500, Aahz wrote:

> as python moves into a more mainstream acceptance, it becomes more > of an issue to let the kiddies bash themselves with rubber hammers.

That's an assertion. I think to a certain extent you'll need to prove your assertion.

'm a bit worried that such proofs would involve painting large metal hammers and covering them in plastic to make them look less real.

the resultant cracked skills could possibly land someone in jail.

Supposedly there's a middle ground of untrusted but non-hostile code, but what's the point of providing support for that?

the example that i gave that was because i wanted to offer a subset of python functionality to end-users such that they could run DNS lookups, pings, check a web page existed, telnet to a box, run commands and check the output.

so it's running a user's python code on a server where there is a networked host being analysed by the user.

what i didn't want to happen was for that user to run code on the server that could damage the server and interfere with the 100 or so other programs running to analyse 100 other hosts.

the whole point of using python was to avoid having to write an new programming language.

what i came up with was very very useful.

to some extent, i didn't care about things like class because

  1. the users weren't that bright.
  2. the user's weren't that hostile.

rexec fitted the requirements perfectly - and it still does: it's just been disabled and also changed into something that stops even the library functions from writing to log files. i couldn't even use the MySQLdb module which was kinda critical to the database-driven backend.

l.

More information about the Python-Dev mailing list