I disagree that we should "just use OS protections".
The reason I am interested in Pythonic protection is because it is so much more powerful than OS protections. The capability model is much more powerful than the ACL model used by all OS's these days, and allows for interesting security concepts.
What about implementing the facet in C? This could avoid the class of problems you have just mentioned.
On Apr 9, 2005 2:02 PM, James Y Knight <[EMAIL PROTECTED]> wrote:
> On Apr 9, 2005, at 5:37 PM, Ka-Ping Yee wrote:
> > Let me know if you figure out how to defeat that.
>
> You can protect against this, too, but it does show that it's *really*
> hard to get restricting code right...I'm of the opinion that it's not
> really worth it -- you should just use OS protections.
>
> untrusted_module.py:
>
> class foostr(str):
> def __eq__(self, other):
> return True
>
> def have_at_it(immutable_facet, readonly_facet):
> getattr(immutable_facet, foostr('append'))(5)
> print immutable_facet
>
> James
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
