Great write up, Ivan! I guess I need some more use cases to understand it further, though. Specifically, in the context of Etoys VM and Etoys projects (or perhaps it would be similar to the Python execution engine and Python code), I couldn't figure out what would be the appropriate default protection flags.
For example, Etoys (the current version) has an ability to open the camera and grab frames out of it. One would imagine to write an Etoy program that captures the movement of the sun by automatically taking a photo for every 30 minutes. And, suppose a teacher writes such a program and wants it to be executed by his students. How does this senario work with Bitfrost? (Sorry that my understanding of this is pretty shallow...) Another example in Etoys is multi-file-type file browser. It sounds like that one can write a photo browser, but cannot write a photo and movie browser. Is this true? It would be a strict restriction in Etoys as one often wants make a project with sound and pictures. In section 6, it seems that a user-written Python file can have these flags as (perhaps) metadata. I think (of course) the protection flags of such file should not be able to lessen the protection provided by the Python execution engine program, but the execution engine shouldn't have too strong protection by default to allow some interesting stuff by children. (The user seems to "install" such a Python code as a "program", and upon that installation, he seems to have a chance to modify the protection. Is this right?) It probably comes down to: 1) setting the protection flags of an "executable document", and 2) transitive protection of an execution engine and loaded program/document on it. (If I understand correctly.) Thank you again and sorry for asking these random questions... -- Yoshiki _______________________________________________ Devel mailing list [email protected] http://mailman.laptop.org/mailman/listinfo/devel
