On 6/27/06, <b class="gmail_sendername">Jim Jewett</b> <<a href="mailto:firstname.lastname@example.org">email@example.com</a>> wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
On 6/27/06, Brett Cannon <<a href="mailto:firstname.lastname@example.org">email@example.com</a>> wrote:<br>> My worry with this is that by providing checking functions that just return<br>> true or false that people will rely on those too much and have logic errors
<br>> in their check and let security holes develop. That is why the checking<br>> functions as they stand now are macros that do the error return for you.<br><br>Using a macro that returns an Error is OK. (Well, from this
<br>perspective; it might be a problem for reference leaks.)</blockquote><div><br>Shouldn't be as long as you put the call right after variable declarations and you don't do an PyObject creation at variable declaration time.
<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">I just want a single call that does my erroring out, instead of two<br>separate calls depending on whether the interpreter is trusted.
</blockquote><div><br>Oh, you won't! You have the set call before you even start using the interpreter to define your restrictions; that has a return value to flag that you are trying to set restrictions on a trusted interpreter, and thus are trying to do somethign that just won't work. Then you have the check functions that run in *any* interpreter. If you happen to be running in a trusted interpreter, then they do nothing; basically a NOOP and allow execution to continue. But if you are running an untrusted interpreter, the check is performed.
<br><br>Does that make sense? In running code within an interpreter there is no trusted/untrusted distinction when it comes to using checking functions. The distinction only exists outside the interpreter before you begin using it.