[Python-Dev] Capabilities

Jim Fulton jim@zope.com
Mon, 10 Mar 2003 10:29:41 -0500

Greg Ewing wrote:
>>E.g. I might have a service configuration registry object.  The object
>>behaves roughly like a dictionary.  A certain user may be given
>>read-only access to the registry.
> Maybe every Python object should have a flag which
> can be set to prevent introspection -- like the current
> restricted execution mechanism, but on a per-object
> basis. Then any object could be used as a capability.

Yes, but not a very useful one.  For example, given a file,
you often want to create a "file read" capability which is
an object that allows reading the file but not writing the file.
Just preventing introspection isn't enough.


Jim Fulton           mailto:jim@zope.com       Python Powered!
CTO                  (888) 344-4332            http://www.python.org
Zope Corporation     http://www.zope.com       http://www.zope.org