Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 01:40:57PM +, David Wilson wrote: > On Tue, Apr 12, 2016 at 11:12:27PM +1000, Steven D'Aprano wrote: > > I can think of one possible threat. Suppose that the locale library > > has a bug, so that calling "aardvark".isdigit seg faults, potentially > > executing arbitrary

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 11:03:11PM +1000, Chris Angelico wrote: > One of the key differences with scripts in web browsers is that there > *is* no "outer environment" to access. If you think that then I think you considerably misunderstand how modern browsers work. > Remember what I said about

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 10:45:06PM +1000, Chris Angelico wrote: > On Tue, Apr 12, 2016 at 10:42 PM, Jon Ribbens > <jon+python-...@unequivocal.co.uk> wrote: > > That's not a vulnerability, and it's something I already explicitly > > mentioned - if you can get a functi

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 02:16:57PM +0200, Victor Stinner wrote: > I read your code and the code of CPython. I found many issues. Thanks for your efforts. > Your "safe import" hides real functions with a proxy. Ok. But the code > of modules is still run in the real namespace, Yes, that was the

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 02:31:19PM +0200, Victor Stinner wrote: > Oh, I forgot to mention another vulnerability: you block access to > attributes by replacing getattr and by analyzing the AST. Ok, but one > more time, it's not enough. If you get access to obj.__dict__, you > will likely get access

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 02:05:06PM +0200, Victor Stinner wrote: > 2016-04-12 13:10 GMT+02:00 Jon Ribbens <jon+python-...@unequivocal.co.uk>: > > No, it's a matter of reducing the whitelist. I must admit that > > I don't understand in what way this is not already clear. Lo

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 01:38:09PM +0200, Maciej Fijalkowski wrote: > Jon, let me reiterate. You asked people to break it (that's the title > of the thread) and they did so almost immediately. Then you patched > the thing and asked them to break it again and they did. Now the > faulty assumption

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 06:21:04AM -0400, Isaac Morland wrote: > On Tue, 12 Apr 2016, Jon Ribbens wrote: > >>This is still a massive game of whack-a-mole. > > > >No, it still isn't. If the names blacklist had to keep being extended > >then you would be right, b

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 08:27:14PM +1000, Chris Angelico wrote: > On Tue, Apr 12, 2016 at 8:06 PM, Jon Ribbens > <jon+python-...@unequivocal.co.uk> wrote: > > No, it still isn't. If the names blacklist had to keep being extended > > then you would be right, but tha

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 06:57:37PM +1000, Chris Angelico wrote: > And yes, you win if you get another module. Interestingly, you're > allowed to import urllib.parse, but not urllib itself; but "import > urllib.parse" makes urllib available - and, since modules inside > modules are blacklisted,

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-12 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 06:28:34PM +1000, Chris Angelico wrote: > On Sat, Apr 9, 2016 at 12:18 AM, Jon Ribbens > <jon+python-...@unequivocal.co.uk> wrote: > > Anyway the code is at https://github.com/jribbens/unsafe > > It requires Python 3.4 or later (it could

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-11 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 01:08:36PM +1200, Greg Ewing wrote: > Jon Ribbens wrote: > >So far it looks like blocking "_*" and the frame object attributes > >appears to be sufficient. > > Even if your sandbox as it currently exists is secure, it's > only an extremel

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-11 Thread Jon Ribbens
On Tue, Apr 12, 2016 at 03:02:54AM +1000, Chris Angelico wrote: > On Tue, Apr 12, 2016 at 2:53 AM, Jon Ribbens > <jon+python-...@unequivocal.co.uk> wrote: > > On Mon, Apr 11, 2016 at 04:04:21PM +0100, Paul Moore wrote: > >> However, it's not at all clear (to me at l

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-11 Thread Jon Ribbens
On Mon, Apr 11, 2016 at 04:04:21PM +0100, Paul Moore wrote: > However, it's not at all clear (to me at least) what you *are* trying > to do. I'm trying to see to what extent we can use ast node inspection to remedy the failures of prior attempts at Python sandboxing. Is there *any* extent to

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-11 Thread Jon Ribbens
On Mon, Apr 11, 2016 at 08:35:11AM -0700, Nikolaus Rath wrote: > On Apr 11 2016, Jon Ribbens <jon+python-...@unequivocal.co.uk> wrote: > >> What I see is that you asked to break your sandbox, and less than 1 > >> hour later, a first vulnerability was found (exec call

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-11 Thread Jon Ribbens
On Mon, Apr 11, 2016 at 11:40:05AM +0200, Victor Stinner wrote: > 2016-04-10 18:43 GMT+02:00 Jon Ribbens <jon+python-...@unequivocal.co.uk>: > > That's the opposite of my approach though - I'm starting small and > > adding things, not starting with everything and removing st

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-10 Thread Jon Ribbens
On Sun, Apr 10, 2016 at 02:08:16PM -0700, Nikolaus Rath wrote: > On Apr 10 2016, Jon Ribbens <jon+python-...@unequivocal.co.uk> wrote: > > On Sat, Apr 09, 2016 at 02:43:19PM +0200, Victor Stinner wrote: > > That's the opposite of my approach though - I'm starting small

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-10 Thread Jon Ribbens
On Mon, Apr 11, 2016 at 12:07:48AM +0300, Serhiy Storchaka wrote: > On 10.04.16 19:51, Jon Ribbens wrote: > >On Sun, Apr 10, 2016 at 02:51:23PM +1000, Nick Coghlan wrote: > >>On 9 April 2016 at 22:43, Victor Stinner <victor.stin...@gmail.com> wrote: > >>>See py

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-10 Thread Jon Ribbens
On Sun, Apr 10, 2016 at 02:51:23PM +1000, Nick Coghlan wrote: > On 9 April 2016 at 22:43, Victor Stinner wrote: > > See pysandbox test suite for a lot of ways to escape a sandbox. CPython has > > a list of know code to crash CPython (I don't recall the dieectory in > >

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-10 Thread Jon Ribbens
On Sat, Apr 09, 2016 at 02:43:19PM +0200, Victor Stinner wrote: >Please don't loose time trying yet another sandbox inside CPython. It's >just a waste of time. It's broken by design. > >Please read my email about my attempt (pysandbox): >https://lwn.net/Articles/574323/ > >

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-08 Thread Jon Ribbens
On Sat, Apr 09, 2016 at 02:20:49AM +1000, Chris Angelico wrote: > On Sat, Apr 9, 2016 at 12:18 AM, Jon Ribbens > <jon+python-...@unequivocal.co.uk> wrote: > > Anyway the code is at https://github.com/jribbens/unsafe > > It requires Python 3.4 or later (it could

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-08 Thread Jon Ribbens
On Fri, Apr 08, 2016 at 05:49:12PM +0200, Marcin Kościelnicki wrote: > On 08/04/16 16:18, Jon Ribbens wrote: > That one is trivially fixable, but here goes: > > async def a(): > global c > c = b.cr_frame.f_back.f_back.f_back > > b = a() > b.send(None) >

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-08 Thread Jon Ribbens
On Fri, Apr 08, 2016 at 05:21:38PM +0200, Arthur Darcet wrote: >If i'm not mistaken, this breaks out: >> exec('open("out", "w").write("a")', {}) >because if the second argument of exec does not contain a __builtins__ >key, then a copy of the original builtins module is inserted: >

Re: [Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-08 Thread Jon Ribbens
On Fri, Apr 08, 2016 at 03:37:45PM +0100, Paul Moore wrote: > On 8 April 2016 at 15:18, Jon Ribbens <jon+python-...@unequivocal.co.uk> > wrote: > > I would be very interested to see if anyone can manage to break it. > > Bugs which are trivially fixable are of cours

[Python-Dev] Challenge: Please break this! (a.k.a restricted mode revisited)

2016-04-08 Thread Jon Ribbens
I've made another attempt at Python sandboxing, which does something which I've not seen tried before - using the 'ast' module to do static analysis of the untrusted code before it's executed, to prevent most of the sneaky tricks that have been used to break out of past attempts at sandboxes. In

Re: [Python-Dev] What does a double coding cookie mean?

2016-03-15 Thread Jon Ribbens
On Tue, Mar 15, 2016 at 01:30:08PM -0700, Guido van Rossum wrote: > I came across a file that had two different coding cookies -- one on > the first line and one on the second. CPython uses the first, but mypy > happens to use the second. I couldn't find anything in the spec or > docs ruling out

Re: [Python-Dev] Status on PEP-431 Timezones

2015-07-28 Thread Jon Ribbens
On Mon, Jul 27, 2015 at 04:28:48PM -0700, Chris Barker wrote: The only other thing I found really weird about datetime is how Python 2 had no implementation of a UTC tzinfo class, despite this being utterly trivial - Huh? it is either so trivial that there is no point --

Re: [Python-Dev] Status on PEP-431 Timezones

2015-07-27 Thread Jon Ribbens
On Mon, Jul 27, 2015 at 01:04:03AM -0500, Tim Peters wrote: [Tim] The Python docs also are quite clear about that all arithmetic within a single timezone is naive. That was intentional. The _intended_ way to do aware arithmetic was always to convert to UTC, do the arithmetic, then

Re: [Python-Dev] python 3 niggle: None 1 raises TypeError

2014-02-17 Thread Jon Ribbens
On Mon, Feb 17, 2014 at 12:43:25PM +0100, M.-A. Lemburg wrote: This doesn't only apply to numeric comparisons. In Python 2 you can compare None with any kind of object and it always sorts first, No you can't. See http://bugs.python.org/issue1673405 . According to Tim Peters, the None is less

[Python-Dev] SSL sockets and settimeout

2013-12-01 Thread Jon Ribbens
Am I correct in thinking that Python's newfangled socket.settimeout() feature does not play well with SSL wrapped sockets? Would there be any interest in making it so that it did? ___ Python-Dev mailing list Python-Dev@python.org

Re: [Python-Dev] utf-8 encoding in checkins?

2011-03-27 Thread Jon Ribbens
On Sun, Mar 27, 2011 at 05:21:08PM +0200, Antoine Pitrou wrote: On Sun, 27 Mar 2011 10:06:49 -0500 s...@pobox.com wrote: It seems that all checkin mails are utf-8-encoded. This makes it challenging to view checkin mails if you have a text-based mail reader. (I use VM within XEmacs.

Re: [Python-Dev] utf-8 encoding in checkins?

2011-03-27 Thread Jon Ribbens
On Sun, Mar 27, 2011 at 02:13:29PM -0400, Eugene Toder wrote: I'm not disputing that, and I understand that my current choice of mail reader limits me.  I was just asking if it would be possible (read: fairly easy) to only generate utf-8 when it was necessary. Isn't utf-8 itself same as

Re: [Python-Dev] utf-8 encoding in checkins?

2011-03-27 Thread Jon Ribbens
On Sun, Mar 27, 2011 at 02:21:25PM -0400, R. David Murray wrote: Mind you, I've never managed to get the -- button working reliably either, but to be fair that's insanely complicated too. No idea what that is. Backspace key. ___ Python-Dev

Re: [Python-Dev] Distutils2 scripts

2010-10-08 Thread Jon Ribbens
On Fri, Oct 08, 2010 at 01:24:09PM +0200, Dirkjan Ochtman wrote: On Fri, Oct 8, 2010 at 09:05, Tarek Ziadé ziade.ta...@gmail.com wrote: The feedback I received for this is pretty clear: people want a single script that can be called directly. e.g. $ distutils2 depgraph $ distutils2

Re: [Python-Dev] Distutils2 scripts

2010-10-08 Thread Jon Ribbens
On Fri, Oct 08, 2010 at 11:04:35AM -0400, Toshio Kuratomi wrote: In the larger universe of programs, it might make for more intuitive remembering of the command to use a prefix (either py or python) though. python-setup is a lot like python setup.py pysetup is shorter pyegg is even shorter

Re: [Python-Dev] Rework nntlib?

2010-09-14 Thread Jon Ribbens
On Tue, Sep 14, 2010 at 11:43:46AM -0500, s...@pobox.com wrote: We got rid of gopherlib a few years ago (deprecated in 2.5, presumably gone in 2.6). I suspect the NNTP protocol has a greatly diminished user base as well, GMANE's presence notwithstanding. NNTP is *very* considerably less dead

Re: [Python-Dev] Looking after the buildbots (in general)

2010-08-05 Thread Jon Ribbens
On Wed, Aug 04, 2010 at 07:26:06PM -0400, Barry Warsaw wrote: On Aug 04, 2010, at 06:39 PM, Steve Holden wrote: I'll see if I can get God to extend it for you. No need to involve the supernatural Steve! Just approve that PSF grant I submitted so I can finish my (Python powered of course!)

Re: [Python-Dev] PEP 3148 ready for pronouncement

2010-05-23 Thread Jon Ribbens
On Sun, May 23, 2010 at 03:16:27PM +0400, Andrew Svetlov wrote: Is there any reason to have Future .cancelled, .done, .running as methods? From my perspective they are really readonly properties. BTW, is 'cancelled' correct name? Spell-checkers likes only single 'l' form: 'canceled'. In

Re: [Python-Dev] urlparse.urlunsplit should be smarter about +

2010-05-09 Thread Jon Ribbens
On Sun, May 09, 2010 at 03:19:40PM -0600, David Abrahams wrote: Yes. But the question is whether urlparse should really be so fragile that every hierarchical scheme needs to be explicitly registered. Surely ending with “+file” should be sufficient to have it recognized as a file-based scheme

Re: [Python-Dev] argparse ambiguity handling

2010-04-21 Thread Jon Ribbens
On Wed, Apr 21, 2010 at 03:53:16AM -0400, Eric Smith wrote: I agree the new behavior is desirable. And I also think it should be the default, although I feel less strongly about that. But since this behavior seems to be an accident of the implementation (based on Steve's comment above), I

Re: [Python-Dev] argparse ambiguity handling

2010-04-20 Thread Jon Ribbens
On Tue, Apr 20, 2010 at 03:27:53PM -0400, Neal Becker wrote: I have a preference to allow at least exact matches to succeed even in the case of ambiguity - mainly because I accidentally created this already once, and I feel it's better to at least work somewhat. Not sure if there is any

Re: [Python-Dev] __file__ and bytecode-only

2010-03-14 Thread Jon Ribbens
On Fri, Mar 12, 2010 at 05:56:57PM -0500, Barry Warsaw wrote: Nope, sorry I should have been clearer. *creation* is the key here. As per BDFL pronouncement, we'll support reading pyc-only modules just like we do today. This is in PEP 3147. We won't support creating them though. BTW,

Re: [Python-Dev] PEP 389: argparse - new command line parsing module

2009-10-01 Thread Jon Ribbens
On Thu, Oct 01, 2009 at 09:58:59AM +0100, Paul Moore wrote: (Question - is it *ever* possible for a Unix program to have invalid file descriptors 0,1 and 2? At startup - I'm assuming anyone who does os.close(1) knows what they are doing!) Yes, at startup you just have the file descriptors your

Re: [Python-Dev] PEP 389: argparse - new command line parsing module

2009-09-28 Thread Jon Ribbens
On Mon, Sep 28, 2009 at 09:38:20AM +0100, Floris Bruynooghe wrote: On Mon, Sep 28, 2009 at 06:59:45AM +0300, Yuvgoog Greenle wrote: -1 for deprecating getopt. getopt is super-simple and especially useful for c programmers learning python. +1 for argparse.+1 for eventual deprecation of

Re: [Python-Dev] Issue5434: datetime.monthdelta

2009-04-16 Thread Jon Ribbens
On Thu, Apr 16, 2009 at 12:10:36PM +0400, Oleg Broytmann wrote: This patch adds a monthdelta class and a monthmod function to the datetime module. The monthdelta class is much like the existing timedelta class, except that it represents months offset from a date, rather than an exact

Re: [Python-Dev] FreeBSD 7 amd64 and large memory tests

2008-09-17 Thread Jon Ribbens
On Wed, Sep 17, 2008 at 08:21:55AM -0700, Alex Martelli wrote: Unbelievable as this may seem, this crazy over-committing malloc behavior is by now a classic -- I first fought against it in 1990, when IBM released AIX 3 for its then-new RS/6000 line of workstations; in a later minor release

Re: [Python-Dev] Consistent platform name for 64bit windows (was: distutils.util.get_platform() for Windows)

2008-03-18 Thread Jon Ribbens
On Wed, Mar 19, 2008 at 02:05:37AM +0900, [EMAIL PROTECTED] wrote: So, at the risk of painting a bike-shed, I'd like to propose that we adopt 'AMD64' in distutils (needs a change), platform.py (needs a change to use sys.getwindowsversion() in preference to pywin32, if possible, anyway), and

Re: [Python-Dev] trunc()

2008-01-29 Thread Jon Ribbens
On Mon, Jan 28, 2008 at 08:07:21PM -0800, Guido van Rossum wrote: PS. There's something wrong with Raymond's mailer that creates a thread in gmail whenever he responds. I suspect it's not correctly adding an In-reply-to header. That makes the thread feel much more disconnected than most,

Re: [Python-Dev] PEP: per user site-packages directory

2008-01-14 Thread Jon Ribbens
On Mon, Jan 14, 2008 at 03:07:20PM -0500, Barry Warsaw wrote: I feel pretty strongly that ~/bin should *not* be used. It makes sense to me that ~/.local would mirror /usr/local. It makes sense, but personally I have never heard before of ~/.local. Whereas ~/bin is something I am quite

Re: [Python-Dev] Does Python need a file locking module (slightly higher level)?

2007-10-22 Thread Jon Ribbens
On Tue, Oct 23, 2007 at 12:16:41PM +1300, Greg Ewing wrote: [EMAIL PROTECTED] wrote: This interface follows the completely stupid semantics of System V and IEEE Std 1003.1-1988 (``POSIX.1'') that require that all locks associated with a file for a given process are removed when

Re: [Python-Dev] Does Python need a file locking module (slightly higher level)?

2007-10-22 Thread Jon Ribbens
On Tue, Oct 23, 2007 at 12:29:35PM +1300, Greg Ewing wrote: [EMAIL PROTECTED] wrote: Does fcntl.flock work over NFS and SMB and on Windows? I don't think file locking will ever work over NFS, since it's a stateless protocol by design, and locking would require maintaining state on the

Re: [Python-Dev] Removing the GIL (Me, not you!)

2007-09-14 Thread Jon Ribbens
On Fri, Sep 14, 2007 at 03:30:49PM -0400, Jean-Paul Calderone wrote: I don't really like the maxint/2 idea because it requires us to differentiate between globals and everything else. Plus, it's a hack. I'd like a more elegant solution if possible. It's not really a solution either. If

Re: [Python-Dev] Removing the GIL (Me, not you!)

2007-09-13 Thread Jon Ribbens
On Thu, Sep 13, 2007 at 12:19:21PM +0200, André Malo wrote: Pardon my ignorance but why does Python do reference counting for truly global and static objects like None, True, False, small and cached integers, sys and other builtins? If I understand it correctly these objects are never

Re: [Python-Dev] Removing the GIL (Me, not you!)

2007-09-13 Thread Jon Ribbens
On Thu, Sep 13, 2007 at 01:15:39PM +0200, Martin v. Löwis wrote: To put it another way, would it actually matter if the reference counts for such objects became hopelessly wrong due to non-atomic adjustments? If they drop to zero (which may happen due to non-atomic adjustments), Python

Re: [Python-Dev] Removing the GIL (Me, not you!)

2007-09-13 Thread Jon Ribbens
On Thu, Sep 13, 2007 at 06:38:05PM -0500, [EMAIL PROTECTED] wrote: Hrvoje More precisely, Python will call the deallocator appropriate for Hrvoje the object type. If that deallocator does nothing, the object Hrvoje continues to live. Such objects could also start out with a

Re: [Python-Dev] Pythreads and BSD descendants

2007-08-03 Thread Jon Ribbens
On Thu, Jul 26, 2007 at 04:08:37PM +, Cameron Laird wrote: Folklore that I remember so unreliably I avoid trying to repeat it here held that Python threading had problems on BSD and allied Unixes. What's the status of this? I suspect the answer is, Everything works, and the only real

Re: [Python-Dev] TLSAbruptCloseError

2007-06-13 Thread Jon Ribbens
On Tue, Jun 05, 2007 at 12:55:07PM -0400, Todd Hopfinger wrote: I am using TLS Lite and J2ME SecureConnection for the purposes of encrypting traffic to/from a Java Midlet client and a multithreaded Python server. However, I encounter a TLSAbruptCloseError. I have tried to determine

Re: [Python-Dev] The docs, reloaded

2007-05-22 Thread Jon Ribbens
On Tue, May 22, 2007 at 06:13:36PM +0200, Georg Brandl wrote: Finding the location that tells you how to suggest changes, and opening a new bug in the infamous SF tracker is not really something people do happily. A click here to suggest a change link that leads to a pseudo- edit-form,

Re: [Python-Dev] The docs, reloaded

2007-05-22 Thread Jon Ribbens
On Tue, May 22, 2007 at 01:19:36PM -0400, Steve Holden wrote: For example, this rocks! :: http://pydoc.gbrandl.de/search.html?q=os.patharea=default It would be more impressive if the search string returned hits ... Also if it was not completely reliant on JavaScript... (Maybe it's

Re: [Python-Dev] The docs, reloaded

2007-05-21 Thread Jon Ribbens
On Sat, May 19, 2007 at 07:14:09PM +0200, Georg Brandl wrote: For the impatient: the result can be seen at http://pydoc.gbrandl.de. I think that looks great. One comment I have, I don't know if it's relevant - it perhaps depends on whether the Global Module Index is auto-generated or not. This

Re: [Python-Dev] Implicit String Concatenation and Octal Literals Was: PEP 30XZ: Simplified Parsing

2007-05-03 Thread Jon Ribbens
On Wed, May 02, 2007 at 10:23:39PM -0700, Raymond Hettinger wrote: Another way to look at it is to ask whether we would consider adding implicit string concatenation if we didn't already have it. I think there would be a chorus of emails against it Personally, I would have been irritated if

Re: [Python-Dev] python3k change to slicing

2007-04-19 Thread Jon Ribbens
Guido van Rossum [EMAIL PROTECTED] wrote: -1 Me too. While this may be theoretically preferable, I believe that in practice changing this would be a major pain for very little gain. I don't recall ever finding a bug related to this feature, and I believe it's occasionally useful. I find it

Re: [Python-Dev] deprecate commands.getstatus()

2007-03-22 Thread Jon Ribbens
\Martin v. Löwis\ [EMAIL PROTECTED] wrote: And do we even need os.fork(), os.exec*(), os.spawn*()? I don't know about about *os*.fork; I surely like to have posix.fork. The posix module exposes many OS functions as-is. This has the advantage that their semantics are crystal-clear: they do

Re: [Python-Dev] Status of thread cancellation

2007-03-21 Thread Jon Ribbens
Nick Maclaren [EMAIL PROTECTED] wrote: Well, I have seen it hundreds of times on a dozen different Unices; it is very common. You don't always SEE the stuck process - sometimes the 'kill -9' causes the pid to become invisible to ps etc., and just occasionally it can continue to use CPU until

Re: [Python-Dev] Status of thread cancellation

2007-03-19 Thread Jon Ribbens
Nick Maclaren [EMAIL PROTECTED] wrote: Sockets, terminals etc. are stateful devices, and killing a process can leave them in a very unclean state. It is one of the most common causes of unkillable processes (the process can't go until its files do, and the socket is jammed). Can you

Re: [Python-Dev] thread safe SMTP module

2007-03-14 Thread Jon Ribbens
Gordon Messmer [EMAIL PROTECTED] wrote: After some discussion, Aahz suggested that I discuss the problem here, on python-dev. He seemed to think that the problem I saw may have been an indication of a bug in python. Could anyone take a look at that thread and say whether it looks like a

Re: [Python-Dev] thread safe SMTP module

2007-03-14 Thread Jon Ribbens
Aahz [EMAIL PROTECTED] wrote: One small wrinkle (and the reason I suggested bringing this to python-dev): I suspect that the problem is not a bug, but simply the occasional failure of sockets. When that happens in a threaded app without timeouts, eventually threads die (block forever). But

Re: [Python-Dev] thread safe SMTP module

2007-03-14 Thread Jon Ribbens
Gordon Messmer [EMAIL PROTECTED] wrote: Tonight I should have time to pull an old copy of the code out of CVS and recreate the test script that I used. Once I have, it should be a matter of feeding a big list of email addresses to the script and waiting a couple of minutes for the script

Re: [Python-Dev] datetime module enhancements

2007-03-11 Thread Jon Ribbens
Steven Bethard [EMAIL PROTECTED] wrote: I was trying to minimize the extent of this already too long thread, assuming you could go do the reading I referred you to if you were really interested in the answer. There's nothing to be gained by being patronising. I still encourage you to read

Re: [Python-Dev] datetime module enhancements

2007-03-11 Thread Jon Ribbens
Collin Winter [EMAIL PROTECTED] wrote: Please find or write a package that makes the assumptions you want, since datetime clearly isn't the module you want. Datetime clearly *is* the module I want. It already makes the assumptions I want, I just want it to make them consistently.

Re: [Python-Dev] These csv test cases seem incorrect to me...

2007-03-11 Thread Jon Ribbens
Andrew McNamara [EMAIL PROTECTED] wrote: The point was to produce the same results as Excel. Sure, Excel probably doesn't generate crap like this itself, but 3rd parties do, and people complain if we don't parse it just like Excel (sigh). The slight problem with copying Excel is that Excel

Re: [Python-Dev] datetime module enhancements

2007-03-10 Thread Jon Ribbens
Phillip J. Eby [EMAIL PROTECTED] wrote: At 09:20 PM 3/9/2007 +, Jon Ribbens wrote: If you want the answer to be the entire of that day then you need to alter the datetime module so that, e.g. subtracting 2007-03-08 from 2007-03-09 does not return one day as currently, but returns zero

Re: [Python-Dev] datetime module enhancements

2007-03-10 Thread Jon Ribbens
Steven Bethard [EMAIL PROTECTED] wrote: Using the .date() is fine when the year/month/day doesn't match. So the following are fine:: datetime.datetime(2005, 1, 1, 0, 0, 0) datetime.date(2006, 1, 1) datetime.datetime(2007, 1, 1, 0, 0, 0) datetime.date(2006, 1, 1) It's *not* okay to

Re: [Python-Dev] datetime module enhancements

2007-03-10 Thread Jon Ribbens
Christian Heimes [EMAIL PROTECTED] wrote: Jon Ribbens schrieb: So you're deciding that a 'date' is 'the entire of that day', except when you subtract two of them, when it suddenly means something else? ;-) It makes kinda sense although it looks like a contradiction at first. The common

Re: [Python-Dev] datetime module enhancements

2007-03-10 Thread Jon Ribbens
Christian Heimes [EMAIL PROTECTED] wrote: What do you feel next Tuesday plus 12 hours means? ;-) First thought: It's nonsense! Nobody would say that. ;) Second though: Tuesday noon (12h after the beginning of Tuesday) I agree with you entirely. Your suggestions correspond to 'throw an

Re: [Python-Dev] datetime module enhancements

2007-03-10 Thread Jon Ribbens
Robert Brewer [EMAIL PROTECTED] wrote: One solution that just occurred to me -- and that skirts the issue of choosing an interpretation -- is that, when comparing date and datetime objects, the datetime's .date() method is called and the result of that call is compared to

Re: [Python-Dev] datetime module enhancements

2007-03-10 Thread Jon Ribbens
Steven Bethard [EMAIL PROTECTED] wrote: I don't see why the docs can't be explicit about what subtraction means given that there are a number of possible interpretations. I don't see why the docs can't be explicit about what comparison means given that there are a number of possible

Re: [Python-Dev] datetime module enhancements

2007-03-10 Thread Jon Ribbens
I see you snipped without response my request to back up your claim that assuming that a date() is a datetime() with a time of midnight will clearly break that logic. Am I to assume you cannot back it up? ___ Python-Dev mailing list

Re: [Python-Dev] datetime module enhancements

2007-03-09 Thread Jon Ribbens
\Martin v. Löwis\ [EMAIL PROTECTED] wrote: There are know problems comparing durations (e.g. is 30 days more or less than a month?). For time stamps, there is no issue. For calender dates, there are again problems, in particular with time zones. Python durations (datetime.timedelta) do not

Re: [Python-Dev] datetime module enhancements

2007-03-09 Thread Jon Ribbens
Brett Cannon [EMAIL PROTECTED] wrote: Treat dates as if they have a time-part of midnight. This is my preferred solution, and it is already what the datetime module does, for example, when subtracting two dates. I personally like the current solution. The proposal to just assume