[Python-Dev] Capabilities

Ben Laurie ben@algroup.co.uk
Mon, 10 Mar 2003 11:02:26 +0000

Guido van Rossum wrote:
>>Maybe every Python object should have a flag which
>>can be set to prevent introspection -- like the current
>>restricted execution mechanism, but on a per-object
>>basis. Then any object could be used as a capability.
> I think the capability folks would object to calling it a capability
> though. :-)

No, objects are another way to do it, though it seems to me with 
somewhat less ease - because the most common use of capabilities is to 
restrict the type of access to objects other objects have, so you'd need 
to have multiple objects proxying to the "real" one if you do it at the 
object level.

If we were going to go this route, I'd like the alternative of _also_ 
being able to set the flag on a bound method.

> Two questions:
> - Where to store the flag?  It probably would cost 4 bytes per object.

You can swap space for time by storing it as an attribute, of course.

> - Which attributes are considered introspective?

All of them, except methods.

Of course, this is what my first approximation to capabilities did 
(that's what a "capclass" was).



http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff