Re: [Python-Dev] doc for new restricted execution design for Python

[Brett Cannon]

On 7/5/06, Michael Chermside <[EMAIL PROTECTED]> wrote:

Ka-Ping Yee writes:
> If you mean getting from a trusted interpreter to an untrusted
> interpreter -- then how is a resource going to travel between
> interpreters?

Brett Cannon responds:
> Beats me, but I am always scared of Armin and Samuele.  =)

Okay, those two scare me also, but I would still rather not
spread FUD.

I don't consider it FUD.  Armin in an email said that he thought it was a losing battle to try to hide 'file' from an interpreter.  That is what I am worried about, period.  Everythign else can be protected through resource hiding.

Your proposal contains lots of details about how to
address the danger that Python objects can cross from one
interpreter to another. Could we instead attack that straight-on
and try to find a convincing proof that objects cannot possibly
cross the interpreter barrier? If so, it would simplify a bit
of your proposal, and make me feel a little less worried.

As I said to Ping, if people *really* think this is doable and are willing to help out with this, then fine, I am willing to give this a shot.  But I know I don't personally know enough about every random corner of the code base like Armin and Samuele know in order to feel comfortable in claiming I can pull this off by myself.

-Brett

_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com