On Sun, 2003-03-09 at 07:03, Guido van Rossum wrote:
[Jim]
You don't need restricted execution to make proxies work.
Um, I think that's a dangerous mistake, or a confusion in terminology.
Without restricted execution, untrusted code would have access to sys.modules, and from there it would be able to access removeAllProxies.
Guido and I discovered that we were not using the same terminology in our own discussions. Guido suggests the following terms: rexec -- the rexec module in the Python standard library restricted execution -- the features in the Python code depending on PyEval_GetRestricted(). We still need a term to refer to an arbitrary mechanism for providing a secure environment for untrusted code. (I had been using "restricted execution" to mean this.) Perhaps a "safe interpreter"? Jeremy