[Python-Dev] Object customization
Jeremy Hylton
jeremy@cnri.reston.va.us
Mon, 17 Apr 2000 11:41:26 -0400 (EDT)
>>>>> "KLM" == Ken Manheimer <klm@digicool.com> writes:
KLM> It may well make sense to have the system *implement* the
KLM> rights somewhere else. (Distributed system, permissions caches
KLM> in an object system, etc.) However it seems to me to make
KLM> exceeding sense to have the initial intrinsic settings
KLM> specified as part of the object!
It's not clear to me that the person writing the code is or should be
the person specifying the security policy. I believe the CORBA
security model separates policy definition into three parts --
security attributes, required rights, and policy domains. The
developer would only be responsible for the first part -- the security
attributes, which describe methods in a general way so that a security
administrators can develop an effective policy for it. I suppose that
function attributes would be a sensible way to do this, but it might
also be accomplished with a separate wrapper object.
I'm still not thrilled with the idea of using regular attribute access
to describe static properties on code. To access the properties, yes,
to define and set them, probably not.
Jeremy