[Python-Dev] rexec.py unuseable

Luke Kenneth Casson Leighton lkcl at lkcl.net
Thu Dec 18 04:29:22 EST 2003


On Wed, Dec 17, 2003 at 10:30:23PM +0100, Martin v. L?wis wrote:
> Luke Kenneth Casson Leighton <lkcl at lkcl.net> writes:
> 
> >  all i can do is recommend a framework and some guidelines on what
> >  conventions could be fitted over that framework.
> 

martin, to clarify: "all i can do" is the wrong preamble phrase.
"i would like to" is better.  i was trying to be ... self-denigrating,
over-careful, something like that.


> originally provided. To prove that, I would need a complete proposal
> how precisely what ACLs are set on what objects, and how exactly I
> invoke code for restricted execution (i.e. what API do I call in what
> order). 

 what api, in what order, what code is invoked in (inside the python
 executable), _how_ ACLs are set on what objects, yes.

 _what_ acls are set on what objects is conditional on whether i
 receive funding to do so, or whether some other people can be of
 significant assistance.  why?  because there's a lot of them.

 what i was trying to say above, "all i can do is recommend a framework"
 is build up to an idea of adding in a framework, similar to
 Exceptions, by which ANY generically-defined restriction system
 can be plugged in to the python language.

 the idea being that if no such a system is not plugged in,
 the performance penalty on python is insignificant, and no user-code
 is restricted.


 however, this may all turn out to be unnecessary [quote from greg
 ewing]:

> The spirit behind my suggestion was to start thinking about
> ways in which functionality could be separated out so that
> this kind of special-casing for security purposes isn't
> needed.

 so, with the correct codebase reordering, a simple capabilities
 based system can be added, the problem goes away.

 yes?

 l.




More information about the Python-Dev mailing list