[Python-Dev] Security capabilities in Python
Jim Fulton
jim at zope.com
Fri Apr 8 16:45:22 CEST 2005
You might take a look at zope.security:
http://svn.zope.org/Zope3/trunk/src/zope/security/
It isn't a capability-based system, but it does address
similar problems and might have some useful ideas.
See the README.txt and untrustedinterpreter.txt.
Jim
Eyal Lotem wrote:
> I would like to experiment with security based on Python references as
> security capabilities.
>
> Unfortunatly, there are several problems that make Python references
> invalid as capabilities:
>
> * There is no way to create secure proxies because there are no
> private attributes.
> * Lots of Python objects are reachable unnecessarily breaking the
> principle of least privelege (i.e: object.__subclasses__() etc.)
>
> I was wondering if any such effort has already begun or if there are
> other considerations making Python unusable as a capability platform?
>
> (Please cc the reply to my email)
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> http://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: http://mail.python.org/mailman/options/python-dev/jim%40zope.com
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Python-Dev
mailing list