[Python-Dev] file(file)

Brett Cannon brett at python.org
Sat Jan 13 03:42:06 CET 2007


On 1/12/07, glyph at divmod.com <glyph at divmod.com> wrote:
> On 12:37 am, brett at python.org wrote:
>
> >For security reasons I might be asking for file's constructor to be
> >removed from the type for Python source code at some point (it can be
> >relocated to an extension module if desired).  By forcing people to go
> >through open() to create a file object you can more easily control
> >read/write access to the file system (assuming the proper importation
> >of extension modules has been blocked).  Not removing the constructor
> >allows any code that has been explicitly given a file object but not
> >open() to just get the class and call the constructor to open a new
> >file.
>
> This is a general problem with type access.  Secure versions of any type
> should not allow access to the type, period.  It is hardly unique to files,
> and is not limited to constructors either.  How do you, e.g., allow a
> restricted piece of code write access to only a specified area of the
> filesystem?
>

Wrapper around open() that does proper checking of its arguments.  I
will be discussing my security stuff at PyCon if you are attending and
are interested.

-Brett
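
The reply above describes a wrapper around open() that checks its arguments; what follows is an added example of that idea, not code from this thread or from Brett's project. The names `make_restricted_open`, `AccessDenied`, `write_root` and `read_roots` are hypothetical, and, as the thread notes, such a wrapper only helps if the restricted code cannot reach the file type or unrestricted imports by another route.

```python
import os
import tempfile

class AccessDenied(PermissionError):
    """Path or mode falls outside the policy."""

def make_restricted_open(write_root, read_roots=()):
    """Return an open()-like callable confined to the given directories."""
    write_root = os.path.realpath(write_root)
    read_roots = [os.path.realpath(r) for r in read_roots] + [write_root]

    def inside(path, root):
        # commonpath compares whole components: /data-evil is not inside /data.
        return os.path.commonpath([path, root]) == root

    def restricted_open(path, mode="r", **kwargs):
        # Integer file descriptors and custom openers bypass path checks.
        if not isinstance(path, str) or "opener" in kwargs:
            raise AccessDenied("only plain path strings are accepted")
        # Resolve ".." and symlinks before the containment check. A race
        # remains if untrusted code can create symlinks inside the root.
        real = os.path.realpath(path)
        writing = any(c in mode for c in "wax+")
        roots = [write_root] if writing else read_roots
        if not any(inside(real, r) for r in roots):
            raise AccessDenied(f"{mode!r} access to {path!r} denied")
        return open(real, mode, **kwargs)
    return restricted_open

def demo():
    """Exercise the wrapper on constructed temporary directories."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        box, outside = os.path.join(base, "box"), os.path.join(base, "outside")
        os.mkdir(box)
        os.mkdir(outside)
        os.symlink(outside, os.path.join(box, "link"))
        ropen = make_restricted_open(box)
        cases = {"inside": os.path.join(box, "ok.txt"),
                 "dotdot": os.path.join(box, "..", "outside", "x"),
                 "symlink": os.path.join(box, "link", "x"),
                 "fd": 0}
        for name, target in cases.items():
            try:
                ropen(target, "w").close()
                results[name] = "allowed"
            except AccessDenied:
                results[name] = "denied"
    return results
```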

