[Python-Dev] Re: Capabilities

Ka-Ping Yee ping@zesty.ca
Mon, 10 Mar 2003 04:55:42 -0600 (CST)


On Sat, 8 Mar 2003, Ben Laurie wrote:
> >>c) Wrap or replace some of the existing libraries, certify that others
> >>are "safe"
> >
> > This should only be necessary for (core and 3rd party) extension
> > modules.  The rexec module has a framework for this.
> >
> >>It looks to me like a and b are shared with proxies, and c would be
> >>different, by definition. Is there anything else? Am I on the wrong track?
> >
> > I don't know why you think (c) is different.
>
> Because with proxies you'd wrap with proxies, and with capabilities
> you'd wrap with capabilities. Or do you think there's a way that would
> work for both (which would, of course, be great)?

This doesn't make any sense to me.  The standard libraries would provide
proxy wrappers in either caes.  The rexec vs. proxy issue doesn't enter
into it.

By the way -- to avoid confusion between "proxies used to wrap
unrestricted objects in order to make them into secure objects" and
"proxies used to reduce the interface of an existing secure object",
let's call the first "proxy" (as has been used in the "rexec vs. proxy"
discussion so far), and call the second a "facet" (which is the term
commonly used when capabilities people talk about reducing an interface).
We often talk about providing, say, a "read-only facet" on an object.


-- ?!ng