but in this case the object is security sensitive, and security should be much more rigorous in ensuring correctness.
It looks like there's a consensus being reached, should I create a bpo? Thomas Grainger On Sat, 26 Jun 2021 at 23:03, Ethan Furman <ethan@stoneleaf.us> wrote:
On 6/26/21 1:55 PM, Marc-Andre Lemburg wrote:
On 26.06.2021 21:32, Ethan Furman wrote:
In most cases I would agree with you, but in this case the object is security sensitive, and security should be much more rigorous in ensuring correctness.
Isn't this more an issue of API design rather than Python's flexibility when it comes to defining attributes ?
I think it's both, with the majority of the responsibility being on the API design.
IMO, a security relevant API should not use direct attribute access for adjusting important parameters. Those should always be done using functions or method calls which apply extra sanity checks and highlight issues in form of exceptions.
Agreed -- but Python's nature makes it easy to use attribute access to make adjustments, and that should also be constrained in security conscious objects.
-- ~Ethan~ _______________________________________________ Python-ideas mailing list -- python-ideas@python.org To unsubscribe send an email to python-ideas-leave@python.org https://mail.python.org/mailman3/lists/python-ideas.python.org/ Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/W37274... Code of Conduct: http://python.org/psf/codeofconduct/