Brett Cannon wrote:
> Good point. C code could circumvent the bit check by doing all of the
> work behind the scenes without pushing the object on the stack. But if
> the check is in the C code for the object itself it is much harder to
> get around.
C code can circumvent the bit check by calling fopen() directly and pushing
something onto the stack that isn't even recognised by the interpreter as a
file object :)
You *have* to trust C code completely before importing it, because it has
access to the platform C library and can do whatever the heck it wants.
Cheers,
Nick.
--
Nick Coghlan | [EMAIL PROTECTED] | Brisbane, Australia
---------------------------------------------------------------
http://www.boredomandlaziness.org
_______________________________________________
Python-Dev mailing list
[email protected]
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
