[Python-Dev] Add a frozendict builtin type
Mark Janssen
dreamingforward at gmail.com
Fri Mar 2 01:25:35 CET 2012
On Thu, Mar 1, 2012 at 10:00 AM, Guido van Rossum <guido at python.org> wrote:
>
> I do know that I don't feel comfortable having a sandbox in the Python
> standard library or even recommending a 3rd party sandboxing solution
> -- if someone uses the sandbox to protect a critical resource, and a
> hacker breaks out of the sandbox, the author of the sandbox may be
> held responsible for more than they bargained for when they made it
> open source. (Doesn't an open source license limit your
> responsibility? Who knows. AFAIK this question has not gotten to court
> yet. I wouldn't want to have to go to court over it.)
>
Since there's no way (even theoretical way) to completely secure anything
(remember the DVD protection wars?), there's no way there should be any
liability if reasonable diligence is performed to provide security where
expected (which is probably calculable to some %-age of assets protected).
It's like putting a lock on the door of your house -- you can't expect to
be held liable is someone has a crowbar.
Open sourcing code could be said to be a disclaimer on any liability as
your letting people know that you've got nothing your trying to conceal.
It's like a dog who plays dead: by being totally open you're actually
more secure....
mark
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20120301/4a3fd122/attachment.html>
More information about the Python-Dev
mailing list