[Python-Dev] Re: Capabilities
Guido van Rossum
guido@python.org
Mon, 10 Mar 2003 10:40:30 -0500
[Ping]
> By the way -- to avoid confusion between "proxies used to wrap
> unrestricted objects in order to make them into secure objects" and
> "proxies used to reduce the interface of an existing secure object",
> let's call the first "proxy" (as has been used in the "rexec vs. proxy"
> discussion so far), and call the second a "facet" (which is the term
> commonly used when capabilities people talk about reducing an interface).
> We often talk about providing, say, a "read-only facet" on an object.
Hm, I'm not sure I understand the difference between the two
definitions you give. What does "making something into a secure
object" mean if not "reducing its interface"? And what is the
fundamental difference between a secure object and an insecure one?
In my world view there's a gradual difference. The only truly secure
object is None. :-)
--Guido van Rossum (home page: http://www.python.org/~guido/)