[Python-Dev] Re: Capabilities
Ben Laurie
ben@algroup.co.uk
Sat, 08 Mar 2003 18:09:46 +0000
Guido van Rossum wrote:
>>What I am trying to nail down is exactly what needs doing to get us
>>from where we are now to where capabilities actually work. As I
>>understand it, what is needed is:
>>
>>a) Fix restricted execution, which is in a state of disrepair
>
>
> Yes.
>
>
>>b) Override import, open (and other stuff? what?)
>
>
> Don't worry about this; it's taken care of by the rexec module; each
> application will probably want to do this a little differently
> (certainly Zope has its own way).
I believe I heard way back that there was a lack of confidence rexec
overrode everything that needed overriding - or am I getting mixed up
with restricted execution?
>>c) Wrap or replace some of the existing libraries, certify that others
>>are "safe"
>
>
> This should only be necessary for (core and 3rd party) extension
> modules. The rexec module has a framework for this.
>
>
>>It looks to me like a and b are shared with proxies, and c would be
>>different, by definition. Is there anything else? Am I on the wrong track?
>
>
> I don't know why you think (c) is different.
Because with proxies you'd wrap with proxies, and with capabilities
you'd wrap with capabilities. Or do you think there's a way that would
work for both (which would, of course, be great)?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff