[Python-Dev] Security capabilities in Python

M.-A. Lemburg mal at egenix.com
Mon Apr 18 19:47:03 CEST 2005

Eyal Lotem wrote:
> I would like to experiment with security based on Python references as
> security capabilities.
> Unfortunatly, there are several problems that make Python references
> invalid as capabilities:
> * There is no way to create secure proxies because there are no
> private attributes.
> * Lots of Python objects are reachable unnecessarily breaking the
> principle of least privelege (i.e: object.__subclasses__() etc.)
> I was wondering if any such effort has already begun or if there are
> other considerations making Python unusable as a capability platform?

You might want to have a look at mxProxy objects. These
were created to provide secure wrappers around Python
objects with a well-defined access mechanism, e.g.
by defining a list of methods/attributes which can
be accessed from the outside or by creating a method
which then decides whether access is granted or not:


Note that the new-style classes may have introduced some
security leaks. If you find any, please let me know.

PS: A nice side-effect of the these proxy objects is that
you can create weak-reference to all Python objects (not just
those that support the protocol).

Marc-Andre Lemburg

Professional Python Services directly from the Source  (#1, Apr 18 2005)
 >>> Python/Zope Consulting and Support ...        http://www.egenix.com/
 >>> mxODBC.Zope.Database.Adapter ...             http://zope.egenix.com/
 >>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/

::: Try mxODBC.Zope.DA for Windows,Linux,Solaris,FreeBSD for free ! ::::

More information about the Python-Dev mailing list