[Python-Dev] Security capabilities in Python
Ka-Ping Yee
python-dev at zesty.ca
Sat Apr 9 23:46:11 CEST 2005
On Sat, 9 Apr 2005, Michael Hudson wrote:
> The funniest I know is part of PyPy:
>
> def extract_cell_content(c):
> """Get the value contained in a CPython 'cell', as read through
> the func_closure of a function object."""
> # yuk! this is all I could come up with that works in Python 2.2 too
> class X(object):
> def __eq__(self, other):
> self.other = other
> x = X()
> x_cell, = (lambda: x).func_closure
> x_cell == c
> return x.other
That's pretty amazing.
> It would be unfortunate for PyPy (and IMHO, very un-pythonic) if this
> process became impossible.
Not a problem. func_closure is already a restricted attribute.
IMHO, the clean way to do this is to provide a built-in function to
get the cell content in a more direct and reliable way, and then
put that in a separate module with other interpreter hacks.
That both makes it easier to do stuff like this, and easier to prevent
it simply by forbidding import of that module.
-- ?!ng
More information about the Python-Dev
mailing list