[Python-Dev] new security doc using object-capabilities
Armin Rigo
arigo at tunes.org
Sat Jul 22 13:46:15 CEST 2006
Re-hi,
On Wed, Jul 19, 2006 at 03:35:45PM -0700, Brett Cannon wrote:
> http://svn.python.org/view/python/branches/bcannon-sandboxing/securing_python.txt?rev=50717&view=log.
I'm not sure I understand what you propose to fix holes like
constructors and __subclasses__: it seems that you want to remove them
altogether (and e.g. make factory functions instead). That would
completely break all programs, right? I mean, there is no way such
changes would go into mainstream CPython. Or do you propose to maintain
a CPython branch manually for the foreseeable future? (From experience
this is a bad idea...)
A bientot,
Armin
More information about the Python-Dev
mailing list