[Python-Dev] Re: Capabilities - published interfaces (original) (raw)
Aahz aahz at pythoncraft.com
Sat Dec 20 10:55:48 EST 2003
- Previous message: [Python-Dev] Re: Capabilities - published interfaces
- Next message: [Python-Dev] Re: Capabilities - published interfaces
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, Dec 20, 2003, Luke Kenneth Casson Leighton wrote:
On Sat, Dec 20, 2003 at 10:16:29AM -0500, Aahz wrote:
Supposedly there's a middle ground of untrusted but non-hostile code, but what's the point of providing support for that? the example that i gave that was because i wanted to offer a subset of python functionality to end-users such that they could run DNS lookups, pings, check a web page existed, telnet to a box, run commands and check the output. to some extent, i didn't care about things like class because 1) the users weren't that bright. 2) the user's weren't that hostile.
Yup. By "what's the point?" I didn't mean that there were no use cases; the problem is that such cases are not frequent enough to justify the effort.
rexec fitted the requirements perfectly - and it still does: it's just been disabled and also changed into something that stops even the library functions from writing to log files. i couldn't even use the MySQLdb module which was kinda critical to the database-driven backend.
Well, you're free to maintain rexec as a separate project (or borrow from the still-maintained Zope system). But anything shipped as part of Python can't afford to assume your points 1) and 2).
Aahz (aahz at pythoncraft.com) <*> http://www.pythoncraft.com/
Weinberg's Second Law: If builders built buildings the way programmers wrote programs, then the first woodpecker that came along would destroy civilization.
- Previous message: [Python-Dev] Re: Capabilities - published interfaces
- Next message: [Python-Dev] Re: Capabilities - published interfaces
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]