On 6/27/06, Jim Jewett <[EMAIL PROTECTED]> wrote:
Sure.
They don't compile themselves out unless you didn't compile the functionality in at all, but yes, that's right.
Yep. Once the C API is settled equivalents at the Python level will be dealt with.
Rename seems reasonable. And yes, that is the right idea of usage.
Yep.
I think I will try to add a paragraph at the top using pseudocode, showing typical usage.
-Brett
On 6/27/06, Brett Cannon <[EMAIL PROTECTED]> wrote:
> On 6/27/06, Jim Jewett <[EMAIL PROTECTED]> wrote:
>
> > On 6/27/06, Brett Cannon < [EMAIL PROTECTED]> wrote:
> Shouldn't be as long as you put the call right after variable declarations
> and you don't do an PyObject creation at variable declaration time.
When PEPping this, please add that restriction to the Extension Module
Crippling section.
Sure.
> > I just want a single call that does my erroring out, instead of two
> > separate calls depending on whether the interpreter is trusted.
> Oh, you won't! You have the set call before you even start using the
> interpreter to define your restrictions; that has a return value to flag
> that you are trying to set restrictions on a trusted interpreter, and thus
> are trying to do somethign that just won't work. Then you have the check
> functions that run in *any* interpreter.
This is what I was missing -- the bit about who uses which part of the API.
Is the following correct:
Py_XXXCheck* and Py_XXXExtendedCheck* are called by C extension
modules. They error out of the current function if the action would
not be allowed. (In the special case of of a fully trusted function,
the happen to compile themselves out.)
They don't compile themselves out unless you didn't compile the functionality in at all, but yes, that's right.
There may be some Py_XXXInfo functions added to find out what the
limits are, particularly for python code.
Yep. Once the C API is settled equivalents at the Python level will be dealt with.
Py_XXXTrusted() should really be renamed Py_XXXCheckTrusted().
Crippled extension modules should really use Py_XXXCheck*, but
PyXXXCheckTrusted is a quick way to get all-or-nothing.
Rename seems reasonable. And yes, that is the right idea of usage.
No other PyXXX functions should ever be (directly) called by any
loadable module, not even by C extension modules; they are called only
by an embedding program.
Yep.
I think I will try to add a paragraph at the top using pseudocode, showing typical usage.
-Brett
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
