-----BEGIN PGP SIGNED MESSAGE-----
Marius Gedminas wrote:
> On Fri, Dec 12, 2008 at 12:45:27PM +0000, Malthe Borch wrote:
>> Martijn Pieters wrote:
>>> The C extension is required to make messageids immutable. Because they
>>> are immutable, the security machinery can treat them as rocks, e.g.
>>> safe to pass around. Removing the C-extension undoes this, as you
>>> cannot make truely immutable.
>> I believe it is possible to do this in pure Python:
> I have doubts about that, but I don't think I'm smart enough to consider
> all the security implications.
I'm still waiting for somebody (Jim, Martijn, Marius) to outline *any*
security implication here: what kinds of attacks do you imagine become
possible if some nefarious user finds a way to mutate a message ID? And
are any such mutations feasible at all for applications which don't
allow untrusted users to write code? Note that preventing *programming
errors* is not sufficient justification in my mind: we already expect
Python developers to play as "consenting adults" inside of trusted code.
(later: Jim wrote me privately that he didn't have time to pursue the
qu estion, but thought the dicussion could go on).
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -