Guido van Rossum wrote:
Maybe every Python object should have a flag which can be set to prevent introspection -- like the current restricted execution mechanism, but on a per-object basis. Then any object could be used as a capability.
I think the capability folks would object to calling it a capability though. :-)
No, objects are another way to do it, though it seems to me with somewhat less ease - because the most common use of capabilities is to restrict the type of access to objects other objects have, so you'd need to have multiple objects proxying to the "real" one if you do it at the object level.
If we were going to go this route, I'd like the alternative of _also_ being able to set the flag on a bound method.
- Where to store the flag? It probably would cost 4 bytes per object.
You can swap space for time by storing it as an attribute, of course.
- Which attributes are considered introspective?
All of them, except methods.
Of course, this is what my first approximation to capabilities did (that's what a "capclass" was).