[Python-Dev] new security doc using object-capabilities
Nick Coghlan
ncoghlan at gmail.com
Mon Jul 24 13:21:22 CEST 2006
Brett Cannon wrote:
> On 7/23/06, *Armin Rigo* <arigo at tunes.org <mailto:arigo at tunes.org>> wrote:
> Also, I hate to sound self-centered, but I should point out somewhere
> that PyPy was started by people who no longer wanted to maintain a fork
> of CPython, and preferred to work on building CPython-like variants
> automatically. Many of the security features you list would be quite
> easier to implement and maintain in PyPy than CPython -- also from a
> security perspective: it is easier to be sure that some protection is
> complete, and remains complete over time, if it is systematically
> generated instead of hand-patched in a dozen places.
>
>
> It doesn't sound self-centered. =) Problem is that my knowledge base
> is obviously all in CPython so my startup costs are much lower than if I
> tried this in PyPy. Plus there is the point of embedding this into
> Firefox (possibly) eventually. Does PyPy support embedding yet at the C
> level?
Another rationale for basing the work on CPython is that it should be possible
to implement the resulting security model regardless of the implementation
language used for the interpreter core (C/Python, Java/Python, C#/Python,
RPython/Python). If you can figure out how to do it in C, it should be
feasible to do it in the others.
Cheers,
Nick.
--
Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
---------------------------------------------------------------
http://www.boredomandlaziness.org
More information about the Python-Dev
mailing list