[Python-Dev] new security doc using object-capabilities (original) (raw)
Greg Ewing greg.ewing at canterbury.ac.nz
Tue Jul 25 02:04:44 CEST 2006
- Previous message: [Python-Dev] new security doc using object-capabilities
- Next message: [Python-Dev] new security doc using object-capabilities
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Phillip J. Eby wrote:
When I say "name checker" I mean the Zope type that allows you to specify a list of names that are allowed for a given object. This allowing is not based on identity or code signing or anything like that. It's just a list of attribute names: i.e. a capability mask over an existing object.
But this is backwards from what a true object-capability system should be like if it's properly designed. Instead of starting with too-powerful objects and trying to hide some of their powers, the different powers should be separated into different objects in the first place.
It sounds to me like Zope is using the approach it's using because it's having to work with Python as it currently is, not because its approach is the best one.
-- Greg
- Previous message: [Python-Dev] new security doc using object-capabilities
- Next message: [Python-Dev] new security doc using object-capabilities
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]