At 07:56 PM 2/22/2009 -0800, Guido van Rossum wrote:
> On Sun, Feb 22, 2009 at 7:39 PM, P.J. Eby <pje@telecommunity.com> wrote:
>> Just a question, but, if you just need a pure-python restricted environment for App Engine, why not just use the RestrictedPython package (i.e., http://pypi.python.org/pypi/RestrictedPython )?
> How does that work? Remember, app engine doesn't support certain things, and bytecode manipulations (if that's what RestrictedPython does) are one of the unsupported things.
It doesn't modify bytecode, it modifies an AST. It basically replaces prints, and attribute/item read/writes with function calls. Unfortunately, it does this AST modification by running as a traversal against the stdlib compiler package's AST, not a modern AST. So, I suppose it might not be usable as-is on app engine. It does, however, have the advantage of having been used in Zope for oh, six or seven years now? ISTM that it first came out around the same time as Python 2.3, and the latest version just dropped support for Python 2.1 and 2.2. So, if you want something that wasn't thrown together in an afternoon, it might be a good thing to take a look at. ;-)
> The other reason I can think of is that Tav is a capabilities purist. :-)
You can implement capabilities on top of RestrictedPython; it's simply a policy-neutral enforcement framework.
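
The AST rewrite described in the message above (attribute reads replaced with function calls, with the policy supplied separately), as an added example that is not part of the original message and is not RestrictedPython's code. It uses the modern ast module rather than the stdlib compiler package and covers attribute reads only; the names _guard_getattr, run_restricted, deny_underscore and allow_only are hypothetical.

```python
import ast

GUARD = "_guard_getattr"  # hypothetical name for the injected guard function

class AttributeReadRewriter(ast.NodeTransformer):
    """Turn every attribute read `obj.name` into `_guard_getattr(obj, "name")`."""

    def visit_Attribute(self, node):
        self.generic_visit(node)            # rewrite inner reads first (a.b.c)
        if not isinstance(node.ctx, ast.Load):
            return node                     # writes and deletes are left alone here
        call = ast.Call(func=ast.Name(id=GUARD, ctx=ast.Load()),
                        args=[node.value, ast.Constant(value=node.attr)],
                        keywords=[])
        return ast.copy_location(call, node)

def deny_underscore(obj, name):
    """Policy 1: block any attribute whose name starts with an underscore."""
    if name.startswith("_"):
        raise AttributeError(f"read of {name!r} denied by policy")
    return getattr(obj, name)

def allow_only(names):
    """Policy 2 (capability style): only explicitly granted names are readable."""
    def policy(obj, name):
        if name not in names:
            raise AttributeError(f"read of {name!r} not granted")
        return getattr(obj, name)
    return policy

def run_restricted(source, policy, env=None):
    """Compile source with rewritten attribute reads and run it under policy."""
    parsed = ast.parse(source, mode="exec")
    if any(isinstance(n, ast.Name) and n.id == GUARD for n in ast.walk(parsed)):
        raise SyntaxError(f"{GUARD} is reserved")   # source may not touch the guard
    tree = ast.fix_missing_locations(AttributeReadRewriter().visit(parsed))
    scope = {"__builtins__": {}, **(env or {}), GUARD: policy}
    exec(compile(tree, "<restricted>", "exec"), scope)
    return scope

if __name__ == "__main__":
    class Account:                          # constructed sample object
        def __init__(self):
            self.balance, self._token = 10, "constructed-value"
    env = {"acct": Account()}
    print(run_restricted("b = acct.balance", deny_underscore, env)["b"])
    try:
        run_restricted("t = acct._token", deny_underscore, env)
    except AttributeError as exc:
        print("blocked:", exc)
```

The rewriter is the same for both policies; only the function bound to the guard name changes. A complete enforcement layer would also have to route attribute writes, item access and prints through guards, which this sketch does not do.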