rfi : bestpractises for implementing secure policies in python
Banibrata Dutta
banibrata.dutta at gmail.com
Tue Feb 3 01:31:44 EST 2009
Hi,
Wondering if it is at-all possible to implement "secure" (s.a. not viewable
/ tunable / tweakable) "Policies" in python ?
Use-cases:
1) License enforcement -- Same application, licensed at differential price
levels, based on various feature-sets.
2) "Parental-Control" enforcement. Application usable, with *all* features
only if adult (a particular user-id) is using, and *restricted* feature set
if a child is using it.
3) Enterprise Policy enforecement -- People from Dept-X shouldn't be able to
use the application feature-set A, but only set B. However, people from
Dept-Y should be able to feature-set A & B.
The question is for what could be a desktop (standalone) python application,
or a hosted (SaaS) application. The target user group includes "Programmers"
and "hackers", so while application need not be Fort Knox (no national
secrets or mission-critical), it need to deter basic-to-moderate hacker
attempts at bypassing policy.
Seeking best-practise advice, including alternatives s.a. mixed-Language
usage (but ideally, multi-platform / portable approaches).
--
regards,
Banibrata
http://www.linkedin.com/in/bdutta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20090203/254fa42b/attachment.html>
More information about the Python-list
mailing list