[Python-Dev] Capabilities

Greg Ewing greg@cosc.canterbury.ac.nz
Tue, 11 Mar 2003 09:23:10 +1300 (NZDT)

Ka-Ping Yee <ping@zesty.ca>:

> The eventual ideal is to have a system where all objects are
> "pure" objects (i.e. non-introspectable capabilities) by default.

Perhaps it would be useful to distinguish between what
might be called "read-only" introspection, and more
powerful forms of introspection.

Usually it doesn't do any harm to be able to find out
things like what class an object belongs to and what
methods it supports, so perhaps these kinds of
introspections don't need to be restricted by default.

But more intrusive things like reading/writing arbitrary
attributes or calling arbitrary methods would require
special permission.

Greg Ewing, Computer Science Dept, +--------------------------------------+
University of Canterbury,	   | A citizen of NewZealandCorp, a	  |
Christchurch, New Zealand	   | wholly-owned subsidiary of USA Inc.  |
greg@cosc.canterbury.ac.nz	   +--------------------------------------+