[Python-Dev] Taint Mode in Python 3.0 RC3
Nicole King
nicole at cats-muvva.net
Thu Nov 27 20:52:43 CET 2008
Dear All,
I found I needed support for taint mode in python and have done some work to
realise this. It's by no means complete at this time, but I'm floating this
idea on this group to see how much interest there is.
The implementation is pretty simple:
- an extra field in PyObject to maintain the taint status
- a couple of extra functions __gettaint__() that returns the taint status and
__settaint__(value) that sets the taint value, returning the previous status
- an additional command-line flag -a and environment variable
PYTHONIGNORETAINT that suppress taint checking
- a few macros defined in Objects/object.h to support taint management
- a new built-in exception, PyExc_TaintError, for reporting operations on
tainted objects
You can pick up the diff at
http://www.cats-muvva.net/software/Python-taint-diff-3.0rc3.tar.bz2
This diff is ONLY for 3.0RC3. Given that I have only a limited understanding
of the internals of Python (but it's very clearly written), I'm sure there
are some behaviours I've overlooked.
I have done very little testing at this point, but, at least, everything
compiles!
Regards
Nicole King (aka CatsMuvva)
More information about the Python-Dev
mailing list