[Python-Dev] Re: Whither rexec?

["Martin v. Löwis"]

Kevin Jacobs wrote:
> Good.  I only partly agree with it myself.  However, rexec _is_ brittle, as
> demonstrated by the many incremental problems that keep popping up, even
> pre-Python 2.2.

I only have now looked in my dictionary to find the translation for 
"brittle" :-) (I think "brüchig" is the proper translation in this context)

I agree it is brittle. It should be possible to macerate it, though.

> I agree, though seeing how it can be fixed is not the same as deciding that
> it is the optimal solution.  I'm starting out with a very open mind and am
> purposely solicting for as much input as possible.

I think any maintainer of such a feature would need to take the existing 
code base into account. Current users would certainly be served best if 
rexec would work.

> The closure of all objects reachable (via introspection) from
> a given starting set can be _very_ large and non-trivial to compute. 
> Limiting introspection is a simple way to close many of possible holes
> through which references to untrusted objects can be obtained.

I guess you have to define "introspection", then. To navigate to an 
object, I don't need introspection: I can just access the attributes, 
without investigating first which objects are there.

IOW, if I Tkinter.open was the builtin open function, I would not need 
to use introspection to find out it was there - I could just *use* 
Tkinter.open("/etc/passwd", "a"). In Python, anything that is reachable 
with introspection is also reachable without introspection.

Regards,
Martin