<div>This looks very interesting. What I like about Tav's approach is that it should also be directly applicable to Jython. Much like Jython in general, there's a tight correspondence between typeobject.c/PyType.java and genobject.c/PyGenerator.java. So we plan on trying out a similar, presumably small patch too.<br>
</div><div><div><br></div><div>What will be very helpful here is identifying a set of tests that verify these claims of restricted execution.<br><div><div><br></div><div>- Jim</div><div><br><div class="gmail_quote">On Mon, Feb 23, 2009 at 4:03 PM, tav <span dir="ltr"><<a href="mailto:tav@espians.com" target="_blank">tav@espians.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hey Martin,<br>
<div><br>
>> The patch is a mere 6 lines of code and provides the absolute minimum<br>
>> that is needed to secure the Python interpreter!<br>
><br>
> Unlike Guido, I'm not quite willing to your word for it.<br>
<br>
</div>You are right. Sorry, I was a bit too enthusiastic and overstated the case.<br>
<br>
How about: "it could possibly enable a secured Python interpreter" ?<br>
<div><br>
> OTOH, the patch looks harmless (with minor corrections). It could<br>
> be considered a bug fix for the current set of restricted attributes<br>
<br>
</div>Yes, and it is in that light that I would like the patch to be accepted.<br>
<div><br>
--<br>
love, tav<br>
<br>
plex:espians/tav | <a href="mailto:tav@espians.com" target="_blank">tav@espians.com</a> | +44 (0) 7809 569 369<br>
</div><div><a href="http://tav.espians.com" target="_blank">http://tav.espians.com</a> | <a href="http://twitter.com/tav" target="_blank">http://twitter.com/tav</a> | skype:tavespian<br>
_______________________________________________<br>
</div><div><div></div><div>Python-Dev mailing list<br>
<a href="mailto:Python-Dev@python.org" target="_blank">Python-Dev@python.org</a><br>
<a href="http://mail.python.org/mailman/listinfo/python-dev" target="_blank">http://mail.python.org/mailman/listinfo/python-dev</a><br>
Unsubscribe: <a href="http://mail.python.org/mailman/options/python-dev/jbaker%40zyasoft.com" target="_blank">http://mail.python.org/mailman/options/python-dev/jbaker%40zyasoft.com</a><br>
</div></div></blockquote></div><br><br clear="all"><br>-- <br>Jim Baker<br><a href="mailto:jbaker@zyasoft.com" target="_blank">jbaker@zyasoft.com</a><br>
</div>
</div></div></div>