[Python-3000] Will we have a true restricted exec environment for python-3000?

Guido van Rossum guido at python.org
Mon Apr 10 20:37:24 CEST 2006


On 4/10/06, Greg Ewing <greg.ewing at canterbury.ac.nz> wrote:
> Guido van Rossum wrote:
>
> > I'm not sure how that would help. What would it mean to have a
> > capability for accessing e.g. x.__class__?
>
> If you can somehow get a reference to the
> __builtin__.classof() function, then you
> have that capability, otherwise you don't.
>
> The key idea is that by turning potentially
> dangerous things like this from attributes
> into functions, access to them can be much
> more easily controlled. Any function can be
> withheld without the creator of the function
> having had to do anything special. But you
> can't withhold an attribute unless its
> accessor has been designed with that in
> mind.

But it does require a major cultural shift. That means backwards
compatibility, and the need for users to relearn how they do things.
I'm not sure I like either of those, given that these changes would
affect *all* users just so that a small set of users can get the
feature they want.

--
--Guido van Rossum (home page: http://www.python.org/~guido/)


More information about the Python-3000 mailing list