[Python-Dev] new security doc using object-capabilities

[Lawrence Oluyede]

> Should be faster than an IBAC model since certain calls will not need to
> check the identity of the caller every time.
>
> But I am not worrying about performance, I am worrying about correctness, so
> I did not try to make any performance claims.

Got that.

> Nope.  Have not started worrying about that yet.  Just trying to get the
> basic model laid out.

Ok sorry to have bothered

> That is the point.  It is not that the sandbox needs to know it, its that it
> needs to be hidden from the sandbox.

So I think that's a "simple" step during the importing step.

> I have not looked at it.  I am also not trying to build an RPC system *and*
> a security model for Python.  That is just too much work right now.

Ok sorry :-)

> Thanks, Lawrence.

Thank you!

-- 
Lawrence
http://www.oluyede.org/blog