On Mon, Jul 12, 2010 at 3:45 AM, Steven D'Aprano <steve-remove-t...@cybersource.com.au> wrote: > On Mon, 12 Jul 2010 02:56:34 -0400, Terry Reedy wrote: > >> On 7/11/2010 12:51 PM, pyt...@bdurham.com wrote: >>> I have a complex object with attributes that contain lists, sets, >>> dictionaries, and other objects. The lists and dictionaries may >>> themselves contain complex objects. >>> I would like to provide a read-only version of this type of object for >>> other developers to query for reporting. Is there a way to prevent >>> other developers from changing the attributes of my complex and nested >>> object? >>> In researching this question, I have identified __setattr__ and >>> __delattr__ as possible ways to prevent changes to simple attributes, >>> but I don't believe these magic methods will prevent others from >>> fiddling with attributes containing lists and dictionaries or the >>> contents of these lists and dictionaries. >> >> Python was not really not developed for multi-developer projects whose >> members are willing to stomp on each others objects. > > I like the idea of competition-driven development, where the code that > survives best in the face of hostile developers gets used.
You jest, but I've actually done this. The goal was to test security awareness among developers- we formed two tiger teams, one to develop code and one to exploit it, and had one member of the developer group as a saboteur. His goal was to put in the largest possible vulnerability without getting caught, while the others wanted to produce the most secure code they could that met spec. Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list
