[Python-Dev] Capabilities / Restricted Execution (original) (raw)

Talin talin at acm.org
Tue Jul 11 12:36:09 CEST 2006

I thought a little bit more about Guido's comment that you can hide Python objects in a C wrapper class. However, as I was trying to sleep, I realized that you don't even need C to do it.

The trick is to store the object reference as a closure variable. Assuming that there's no mechanism to directly access such variables, you can effectively have 'private' variables.

Here's an pure-Python implementation of a wrapper that restricts access to all class members except those marked with the 'public' decorator. Note in the test cases below that even 'class' and 'dict' are inaccessible.

Exception to throw when we violate restrictions

class GuardException( Exception ): pass

Decorator function

def public(func): func.f_public = True return func

Wrapper function

def guard(content): class Guard(object): def getattribute(self, name): # This will throw an AttributeException if the # attribute doesn't exist, which is what # we want. attr = object.getattribute(content,name) if hasattr( attr, 'im_func' ): if hasattr( attr.im_func, 'f_public' ): # We can't return the bound method directly, # instead we create a proxy for it. def proxy_attr( *args, **kwargs ): return attr( *args, **kwargs ) return proxy_attr

         # Attribute exists but has no proxy
         raise GuardException( name )

 return Guard()

Test class

class Test(object): def init(self,name): self.name = name

 @public
 def get_name(self):
     return self.name

 def set_name(self,name):
     self,name = name

Test objects. First is unwrapped, second is wrapped.

t1 = Test("alpha") t2 = guard(Test("beta"))

These functions work correctly

print t1.name print t2.get_name()

This gets AttributeError because there's no such attribute

print t2.unk()

These generate GuardException

print t2.set_name() print t2.dict print t2.class print t2.name

-- Talin

More information about the Python-Dev mailing list