rfi : bestpractises for implementing secure policies in python

Banibrata Dutta banibrata.dutta at gmail.com
Tue Feb 3 07:31:44 CET 2009


Hi,
Wondering if it is at-all possible to implement "secure" (s.a. not viewable
/ tunable / tweakable) "Policies" in python ?
Use-cases:
1) License enforcement -- Same application, licensed at differential price
levels, based on various feature-sets.
2) "Parental-Control" enforcement. Application usable, with *all* features
only if adult (a particular user-id) is using, and *restricted* feature set
if a child is using it.
3) Enterprise Policy enforecement -- People from Dept-X shouldn't be able to
use the application feature-set A, but only set B. However, people from
Dept-Y should be able to feature-set A & B.

The question is for what could be a desktop (standalone) python application,
or a hosted (SaaS) application. The target user group includes "Programmers"
and "hackers", so while application need not be Fort Knox (no national
secrets or mission-critical), it need to deter basic-to-moderate hacker
attempts at bypassing policy.

Seeking best-practise advice, including alternatives s.a. mixed-Language
usage (but ideally, multi-platform / portable approaches).

-- 
regards,
Banibrata
http://www.linkedin.com/in/bdutta
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20090203/254fa42b/attachment.html>


More information about the Python-list mailing list