On 6/30/06, Ka-Ping Yee <[EMAIL PROTECTED]> wrote:
Well, this is only file() we are worrying about leaking out. Stuff from import are the worry here.
That's fine; I personally have no issue with tweaking the security model for Py3K. But I am worrying about 2.x here.
-Brett
On Fri, 30 Jun 2006, Brett Cannon wrote:
> On 6/30/06, Armin Rigo <[EMAIL PROTECTED]> wrote:
> > >>> object.__subclasses__()
> > [..., <type 'file'>]
> >
> > Maybe this one won't work if __subclasses__ is forbidden, but in general
> > I think there *will* be a way to find this object.
>
> Yeah, that's been my (what I thought was paranoid) feeling. Glad I am not
> the only one who thinks that hiding file() is near impossible.
If you want to do this right, it should be about *making* hiding
possible. If you can't hide things, it will be hard to get very far.
Well, this is only file() we are worrying about leaking out. Stuff from import are the worry here.
I realize that may be difficult for Python 2.x, but hiding is pretty
essential for security. It would be really good to keep this in mind
for the design of Python 3k. (It doesn't mean we can't have introspection,
just that we need to agree on some discipline for how to do it.)
That's fine; I personally have no issue with tweaking the security model for Py3K. But I am worrying about 2.x here.
-Brett
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
