On Sun, 2003-03-09 at 07:03, Guido van Rossum wrote:
> [Jim]
> > You don't need restricted execution to make proxies work.
>
> Um, I think that's a dangerous mistake, or a confusion in terminology.
>
> Without restricted execution, untrusted code would have access to
> sys.modules, and from there it would be able to access
> removeAllProxies.
Guido and I discovered that we were not using the same terminology in
our own discussions. Guido suggests the following terms:
rexec -- the rexec module in the Python standard library
restricted execution -- the features in the Python code depending on
PyEval_GetRestricted().
We still need a term to refer to an arbitrary mechanism for providing a
secure environment for untrusted code. (I had been using "restricted
execution" to mean this.) Perhaps a "safe interpreter"?
Jeremy
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4