On 26.06.2021 21:32, Ethan Furman wrote:
> On 6/25/21 5:20 PM, Eric V. Smith wrote:
>
>> It seems like many of the suggestions are SSLContext specific. I don't think
> we should be adding
>> __slots__ or otherwise redefining the interface to that object. Isn't this a
> general "problem" in
>> python...
>
> In most cases I would agree with you, but in this case the object is security
> sensitive, and security should be much more rigorous in ensuring correctness.
Isn't this more an issue of API design rather than Python's
flexibility when it comes to defining attributes ?
IMO, a security relevant API should not use direct attribute
access for adjusting important parameters. Those should always
be done using functions or method calls which apply extra sanity
checks and highlight issues in form of exceptions.
And those are possible in Python without calling type checking,
linters or other extra tools to the rescue.
--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Experts (#1, Jun 26 2021)
>>> Python Projects, Coaching and Support ... https://www.egenix.com/
>>> Python Product Development ... https://consulting.egenix.com/
________________________________________________________________________
::: We implement business ideas - efficiently in both time and costs :::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
https://www.egenix.com/company/contact/
https://www.malemburg.com/
_______________________________________________
Python-ideas mailing list -- python-ideas@python.org
To unsubscribe send an email to python-ideas-leave@python.org
https://mail.python.org/mailman3/lists/python-ideas.python.org/
Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/53V2RCIDJRE2SVVB7C4FZADIY2LSRMWT/
Code of Conduct: http://python.org/psf/codeofconduct/