At 07:56 PM 2/22/2009 -0800, Guido van Rossum wrote:
On Sun, Feb 22, 2009 at 7:39 PM, P.J. Eby <p...@telecommunity.com> wrote:
> Just a question, but, if you just need a pure-python restricted environment
> for App Engine, why not just use the RestrictedPython package (i.e.,
> http://pypi.python.org/pypi/RestrictedPython )?
How does that work? Remember, app engine doesn't support certain
things, and bytecode manipulations (if that's what RestrictedPython
does) are one of the unsupported things.
It doesn't modify bytecode, it modifies an AST. It basically
replaces prints, and attribute/item read/writes with function
calls. Unfortunately, it does this AST modification by running as a
traversal against the stdlib compiler package's AST, not a modern
AST. So, I suppose it might not be usable as-is on app engine.
It does, however, have the advantage of having been used in Zope for
oh, six or seven years now? ISTM that it first came out around the
same time as Python 2.3, and the latest version just dropped support
for Python 2.1 and 2.2. So, if you want something that wasn't thrown
together in an afternoon, it might be a good thing to take a look at. ;-)
The other reason I can think of is that Tav is a capabilities purist. :-)
You can implement capabilities on top of RestrictedPython; it's
simply a policy-neutral enforcement framework.
_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
