[Python-Dev] capability-mediated modules
Tue, 18 Mar 2003 11:36:42 -0500
(I, Zooko, wrote the lines prepended with "> > ".)
Aahz <email@example.com> wrote:
> > For example, suppose you want to control the ability to listen on
> > sockets for network traffic. If there is a reference (e.g., to an
> > object) that represents the privilege of listening on sockets, then
> > you can give such a reference to one object, allowing that object it
> > to listen on sockets, while withholding it from another object, thus
> > preventing that one from listening on sockets.
> Doesn't that only work if the second object never gains a reference to
> the first object?
This is why real mandatory private data is needed. The second object could have
a reference to the first object, and could use the first object through some
interface offered by the first object, without being able to access the first
object's socket-listener capability.
^-- under re-construction: some new stuff, some broken links