[Python-Dev] doc for new restricted execution design for Python
Greg Ewing
greg.ewing at canterbury.ac.nz
Fri Jul 7 09:48:52 CEST 2006
Brett Cannon wrote:
> On 7/5/06, *Greg Ewing* <greg.ewing at canterbury.ac.nz
> And I would change file() so that it didn't open
> files. Then it would be harmless for code to have
> access to the file class.
> Right, that is essentially what I proposed initially with the whole
> crippling idea.
>
> What the capabilities supporters are saying is that if we go that route
> we will be constantly finding objects that require similar crippling.
We've got our wires crossed somewhere. I *am* a capabilities
supporter. But for a capability model to work, the capabilities
need to be isolated and encapsulated in functions or objects
that can be independently provided or not provided. In the
case of file(), that means separating the capability of
being able to open a file from the capability of accessing
an already-opened file. These two things are currently
conflated in the file class.
BTW, I object to the term "crippling" in this particular
case. If you have access to open(), there's no need for
file() to be able to do the same thing. And if you don't
have access to open(), it's because someone doesn't want
you to be able to open files.
--
Greg
More information about the Python-Dev
mailing list