But that's not how rexec works.
It seems to me that the restricted execution mechanism (is there a shorter term for this? calling it rexec is a misnomer, as has been pointed out -- let's call it the REM for now) really is a kind of capability system. The REM works by closing off a bunch of loopholes and then controlling which builtins a piece of code has access to. That code can then pass them on to other code or withhold them. Sounds a lot like capabilities, doesn't it? So the hypothesised "capability python" would be rather like having REM permanently in effect... Greg Ewing, Computer Science Dept, +--------------------------------------+ University of Canterbury, | A citizen of NewZealandCorp, a | Christchurch, New Zealand | wholly-owned subsidiary of USA Inc. | greg@cosc.canterbury.ac.nz +--------------------------------------+