[Jim]
You don't need restricted execution to make proxies work.
[Guido]
Um, I think that's a dangerous mistake, or a confusion in terminology.
[Jim]
All I'm saying is that the proxy mechanism itself doesn't rely on restricted execution.
Without restricted execution, untrusted code would have access to sys.modules, and from there it would be able to access removeAllProxies.
All we need to be able to do is control imports. It turns out that to prevent access to sys.modules, we have to replace __builtins__, which has the side-effect of enabling restricted execution. You don't need anything but the ability to restrict imports and other unproxied access to sys.modules to use proxies.
Turns out this was another terminology misunderstanding. I think of the ability to overload __import__ and set __builtins__ as part of the restricted execution implementation, because that's why they were implemented. Jim thought that these were separate features, and that restricted execution in the interpreter only referred to the closing off of some introspection attributes (e.g. im_self, __dict__ and func_globals).

--Guido van Rossum (home page: http://www.python.org/~guido/)
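The import-control mechanism discussed in the message above, as an added example that is not part of the original message or of any project's code: a replaced __builtins__ whose __import__ refuses everything outside an allow-list, so code run under it cannot import sys to reach sys.modules. It is written for Python 3; ALLOWED_MODULES, guarded_import, make_builtins, run and try_import are hypothetical names, and the block covers only the import side, not the introspection attributes mentioned above.

```python
import builtins

# Hypothetical allow-list for this example; anything else is refused.
ALLOWED_MODULES = {"math"}


def guarded_import(name, globals=None, locals=None, fromlist=(), level=0):
    """Stand-in for __import__ that passes only allow-listed top-level modules."""
    top_level = name.split(".")[0]
    if level != 0 or top_level not in ALLOWED_MODULES:
        raise ImportError(f"import of {name!r} is not permitted")
    return builtins.__import__(name, globals, locals, fromlist, level)


def make_builtins():
    """Build the replacement __builtins__: a few plain names plus the guard."""
    names = ("len", "range", "abs", "ImportError")
    replaced = {n: getattr(builtins, n) for n in names}
    # The import statement looks __import__ up in the frame's builtins,
    # so this entry is what every `import x` in the executed code calls.
    replaced["__import__"] = guarded_import
    return replaced


def run(source):
    """Execute source with the replaced __builtins__ and return its namespace."""
    namespace = {"__builtins__": make_builtins()}
    exec(source, namespace)
    return namespace


def try_import(module):
    """Return 'ok', or the refusal message, for `import <module>` under the guard."""
    try:
        run(f"import {module}")
        return "ok"
    except ImportError as exc:
        return str(exc)


if __name__ == "__main__":
    for module in ("math", "sys", "os.path"):
        print(module, "->", try_import(module))
```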