[Python-Dev] Capabilities
Greg Ewing
greg@cosc.canterbury.ac.nz
Tue, 01 Apr 2003 10:50:59 +1200 (NZST)
> But that's not how rexec works.
It seems to me that the restricted execution mechanism (is there a
shorter term for this? calling it rexec is a misnomer, as has been
pointed out -- let's call it the REM for now) really is a kind of
capability system.
The REM works by closing off a bunch of loopholes and then controlling
which builtins a piece of code has access to. That code can then pass
them on to other code or withhold them. Sounds a lot like
capabilities, doesn't it?
So the hypothesised "capability python" would be rather like having
REM permanently in effect...
Greg Ewing, Computer Science Dept, +--------------------------------------+
University of Canterbury, | A citizen of NewZealandCorp, a |
Christchurch, New Zealand | wholly-owned subsidiary of USA Inc. |
greg@cosc.canterbury.ac.nz +--------------------------------------+