Eyal Lotem wrote:
I would like to experiment with security based on Python references as
security capabilities.
Unfortunatly, there are several problems that make Python references
invalid as capabilities:
* There is no way to create secure proxies because there are no
private attributes.
* Lots of Python objects are reachable unnecessarily breaking the
principle of least privelege (i.e: object.__subclasses__() etc.)
I was wondering if any such effort has already begun or if there are
other considerations making Python unusable as a capability platform?
You might want to have a look at mxProxy objects. These
were created to provide secure wrappers around Python
objects with a well-defined access mechanism, e.g.
by defining a list of methods/attributes which can
be accessed from the outside or by creating a method
which then decides whether access is granted or not:
http://www.egenix.com/files/python/mxProxy.html
Note that the new-style classes may have introduced some
security leaks. If you find any, please let me know.
PS: A nice side-effect of the these proxy objects is that
you can create weak-reference to all Python objects (not just
those that support the protocol).
--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Source (#1, Apr 18 2005)
>>> Python/Zope Consulting and Support ... http://www.egenix.com/
>>> mxODBC.Zope.Database.Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
________________________________________________________________________
::: Try mxODBC.Zope.DA for Windows,Linux,Solaris,FreeBSD for free ! ::::
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com