[Python-3000] Will we have a true restricted exec environment for python-3000?
Greg Ewing
greg.ewing at canterbury.ac.nz
Mon Apr 10 13:08:37 CEST 2006
Guido van Rossum wrote:
> I'm not sure how that would help. What would it mean to have a
> capability for accessing e.g. x.__class__?
If you can somehow get a reference to the
__builtin__.classof() function, then you
have that capability, otherwise you don't.
The key idea is that by turning potentially
dangerous things like this from attributes
into functions, access to them can be much
more easily controlled. Any function can be
withheld without the creator of the function
having had to do anything special. But you
can't withhold an attribute unless its
accessor has been designed with that in
mind.
--
Greg
More information about the Python-3000
mailing list