On 7/22/06, Armin Rigo <[EMAIL PROTECTED]> wrote:
> Re-hi,
>
> On Wed, Jul 19, 2006 at 03:35:45PM -0700, Brett Cannon wrote:
> > http://svn.python.org/view/python/branches/bcannon-sandboxing/securing_python.txt?rev=50717&view=log.
>
> I'm not sure I understand what you propose to fix holes like
> constructors and __subclasses__: it seems that you want to remove them
> altogether (and e.g. make factory functions instead). That would
> completely break all programs, right?
Not altogether, just constructors on select types who are considered dangerous from a security standpoint. The breakage won't be horrible, but it will be there for advanced Python code.
I will try to make the wording more clear when I get back to work on Tuesday.
> I mean, there is no way such
> changes would go into mainstream CPython.
If this has to wait until Py3k then so be it.
> Or do you propose to maintain
> a CPython branch manually for the foreseeable future? (From experience
> this is a bad idea...)
>
Yeah, not my idea of fun either, but since this is a long term project, I will at least need to for the foreseeable future.
-Brett
_______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
