[Python-Dev] Capabilities

[Samuele Pedroni]

From: "Ka-Ping Yee" <ping@zesty.ca>
> However, there is still the problem that the established technique
> for storing instance-specific state in Python is to use globally-
> accessible data attributes instead of a limited scope.  We would
> also need to add a safe (private) place for instances to put state.

Indeed, that's the fact that implementations of methods are normal functions
that access the instance attributes like everything else do,
that's why Zope-proxies become necessary (and a bit brittle):

class A:
 def geta(self):
    return self.a # 1

a=A()

a.a # 2

(1) and (2) are using the same operation/execution path.

The other issue, as you wrote, is also that introspection operations are like
normal operations too (and they share the same execution path also):

a.__dict__

vs.

introspect(a).__dict__

The problem is that there is obviously a flexibility/easy-of-use trade-off.
Python is a language that maximizes that and where e.g. introspection feels
easy and natural, OTOH analyzing security become nightmarish.

regards.