On Sun, Feb 22, 2009 at 8:14 PM, P.J. Eby <p...@telecommunity.com> wrote: > At 07:56 PM 2/22/2009 -0800, Guido van Rossum wrote: >> >> On Sun, Feb 22, 2009 at 7:39 PM, P.J. Eby <p...@telecommunity.com> wrote: >> > Just a question, but, if you just need a pure-python restricted >> > environment >> > for App Engine, why not just use the RestrictedPython package (i.e., >> > http://pypi.python.org/pypi/RestrictedPython )? >> >> How does that work? Remember, app engine doesn't support certain >> things, and bytecode manipulations (if that's what RestrictedPython >> does) are one of the unsupported things. > > It doesn't modify bytecode, it modifies an AST. It basically replaces > prints, and attribute/item read/writes with function calls.
If it rewrites *every* attribute read/write with a function call that can get really expensive. Are you saying it also replaces getitem/setitem? Even worse. > Unfortunately, > it does this AST modification by running as a traversal against the stdlib > compiler package's AST, not a modern AST. So, I suppose it might not be > usable as-is on app engine. Actually, its essential components are easily retrieved through a hack (Google for it ;-). If I weren't so busy I would have made it importable a long time agon. > It does, however, have the advantage of having been used in Zope for oh, six > or seven years now? ISTM that it first came out around the same time as > Python 2.3, and the latest version just dropped support for Python 2.1 and > 2.2. So, if you want something that wasn't thrown together in an afternoon, > it might be a good thing to take a look at. ;-) > > >> The other reason I can think of is that Tav is a capabilities purist. :-) > > You can implement capabilities on top of RestrictedPython; it's simply a > policy-neutral enforcement framework. > > -- --Guido van Rossum (home page: http://www.python.org/~guido/) _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com