[Python-Dev] Security capabilities in Python

Eyal Lotem eyal.lotem at gmail.com
Sun Apr 10 18:08:01 CEST 2005

It may be really hard to get it right, unless we are overlooking some simple 

I disagree that we should "just use OS protections".
The reason I am interested in Pythonic protection is because it is so much 
more powerful than OS protections. The capability model is much more 
powerful than the ACL model used by all OS's these days, and allows for 
interesting security concepts.

What about implementing the facet in C? This could avoid the class of 
problems you have just mentioned.

On Apr 9, 2005 2:02 PM, James Y Knight <foom at fuhm.net> wrote:
> On Apr 9, 2005, at 5:37 PM, Ka-Ping Yee wrote:
> > Let me know if you figure out how to defeat that.
> You can protect against this, too, but it does show that it's *really*
> hard to get restricting code right...I'm of the opinion that it's not
> really worth it -- you should just use OS protections.
> untrusted_module.py:
> class foostr(str):
> def __eq__(self, other):
> return True
> def have_at_it(immutable_facet, readonly_facet):
> getattr(immutable_facet, foostr('append'))(5)
> print immutable_facet
> James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.python.org/pipermail/python-dev/attachments/20050410/600d8b8e/attachment.htm

More information about the Python-Dev mailing list