This looks very interesting. What I like about Tav's approach is that it should also be directly applicable to Jython. Much like Jython in general, there's a tight correspondence between typeobject.c/PyType.java and genobject.c/PyGenerator.java. So we plan on trying out a similar, presumably small patch too.
What will be very helpful here is identifying a set of tests that verify these claims of restricted execution. - Jim On Mon, Feb 23, 2009 at 4:03 PM, tav <[email protected]> wrote: > Hey Martin, > > >> The patch is a mere 6 lines of code and provides the absolute minimum > >> that is needed to secure the Python interpreter! > > > > Unlike Guido, I'm not quite willing to your word for it. > > You are right. Sorry, I was a bit too enthusiastic and overstated the case. > > How about: "it could possibly enable a secured Python interpreter" ? > > > OTOH, the patch looks harmless (with minor corrections). It could > > be considered a bug fix for the current set of restricted attributes > > Yes, and it is in that light that I would like the patch to be accepted. > > -- > love, tav > > plex:espians/tav | [email protected] | +44 (0) 7809 569 369 > http://tav.espians.com | http://twitter.com/tav | skype:tavespian > _______________________________________________ > Python-Dev mailing list > [email protected] > http://mail.python.org/mailman/listinfo/python-dev > Unsubscribe: > http://mail.python.org/mailman/options/python-dev/jbaker%40zyasoft.com > -- Jim Baker [email protected]
_______________________________________________ Python-Dev mailing list [email protected] http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
