open == file considered harmful (Re: [Python-Dev] RE:
rexec.pyunuseable)
Luke Kenneth Casson Leighton
lkcl at lkcl.net
Wed Dec 17 14:40:32 EST 2003
> Are you aware of the original issue, which is that as soon as you have
> a file *instance* (which might have been given to you by a very
> restrictive open() variant), you can always get to the file *class*
> using the __class__ attribute? Access to the __class__ attribute is
> useful for all sorts of reasons.
that is why i am proposing that ACLs be added to every "Entity"
in language - functions, modules, attributes etc.
[even if the implementation is such that they aren't _actually_
every-object-in-python-has-another-damn-pointer]
in this way, you would have one ACL on the open() function which
restricts it to file-read-only, another ACL on the open.__class__
attribute which would be, for the sake of argument
[("all functions", DENY, ABSOLUTELY_EVERYTHING)]
etc.
l.
More information about the Python-Dev
mailing list