limited python virtual machine
Alex Martelli
aleaxit at yahoo.com
Sat Jan 29 17:23:10 EST 2005
Skip Montanaro <skip at pobox.com> wrote:
> Alex> I dunno, maybe I'm just being pessimistic, I guess...
>
> No, I think you are being realistic. I thought one of the basic tenets of
> computer security was "that which is not expressly allowed is forbidden".
> Any attempt at security that attempts to find and plug the security holes
> while leaving the basic insecure system intact is almost certainly going to
> miss something.
I guess security is drastically different from all other programming
spheres because you DO have an adversary, who you should presume to be
at least as clever as you are. In most tasks, good enough is good
enough and paranoia doesn't pay; when an adversary IS there, only the
paranoid survive...;-)
Alex
More information about the Python-list
mailing list