[Python-Dev] python-dev Summary for 2003-03-01 through 2003-03-15

[Ben Laurie]

Brett Cannon wrote:
> Capabilities can loosely be thought of like bound methods.  Security with
> capabilities is done based on possession; if you hold a reference to an
> object you can use that object.

This confusion is my fault: I just happened to like using bound methods 
as the basis for capabilities, but objects can also be used, so long as 
access to them is appropriately restricted. This is explained in detail 
in the PEP I am writing (with help from others, I should note).

> Proxies are a wrapper around objects that restrict access to the object.
> This restriction extends all the way to the core; even core code can't get
> access to parts of a proxied object that it doesn't want any object to get
> a hold of.

Its not clear to me what you mean by "core code" - certainly anything 
written in C can slice through a proxy without any problems (or, indeed, 
a capability).

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff