[Python-Dev] rexec.py unuseable

Jp Calderone exarkun at intarweb.us
Tue Dec 16 05:39:26 CET 2003

[python-dev un-CC'd]

On Mon, Dec 15, 2003 at 11:36:39PM +0000, Luke Kenneth Casson Leighton wrote:
> On Mon, Dec 15, 2003 at 04:36:35PM -0500, Jeremy Hylton wrote:
> > [snip - problems with rexec]
>  okay.
>  i think the only really sensible way forward is to begin from a
>  sound basis - one that is going to be a big job to add retrospectively,
>  but a simple beginning can be made.
>  proposal: how about building ACLs into the python codebase?

  I would be very strongly against that.

  Python references much more closely parallel capabilities-based security,
and capabilities-based security is much more flexible and expressive.

  Whether through ACLs or caps, a lot of the work is probably going to fall
to you, since few others have expressed sufficient interest (that is to say,
interest enough to actually do the work) in this feature for CPython.

  It may be more productive to examine an alternate Python implementation
for this functionality.  A little googling should take you a long way on

> [snip - strange ACL protocol definition]


More information about the Python-list mailing list