On 7/22/06, Armin Rigo <arigo at tunes.org> wrote: > Re-hi, > > On Wed, Jul 19, 2006 at 03:35:45PM -0700, Brett Cannon wrote: > > http://svn.python.org/view/python/branches/bcannon-sandboxing/securing_python.txt?rev=50717&view=log . > > I'm not sure I understand what you propose to fix holes like > constructors and __subclasses__: it seems that you want to remove them > altogether (and e.g. make factory functions instead). That would > completely break all programs, right? Not altogether, just constructors on select types who are considered dangerous from a security standpoint. The breakage won't be horrible, but it will be there for advanced Python code. I will try to make the wording more clear when I get back to work on Tuesday. > I mean, there is no way such > changes would go into mainstream CPython. If this has to wait until Py3k then so be it. > Or do you propose to maintain > a CPython branch manually for the foreseeable future? (From experience > this is a bad idea...) > Yeah, not my idea of fun either, but since this is a long term project, I will at least need to for the foreseeable future. -Brett -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.python.org/pipermail/python-dev/attachments/20060722/3f1b39e2/attachment.htm
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4