would be nice: import from archive
Paul Rubin
http
Fri Aug 27 17:47:18 EDT 2004
aleaxit at yahoo.com (Alex Martelli) writes:
> I know of no reason to forbid support for such "signing", no. If you
> want to offer a patch to zipimport to let it support whatever signing,
> encryption, or other devilry appeals to you, this is definitely the
> right moment if you hope to see it happen in Python 2.4.
I think the simplest is to just have zipimport understand jar files
and their signatures. There's enough supporting infrastructure needed
that getting it in 2.4 is probably asking a bit much, though.
> If you mean patching zipimport to _forbid_ importing from any zipfile
> whatsoever, including a plain vanilla one, I think it's too late for
> THAT for Python 2.4
If signing is supported, then there has to be a way to reject imports
whose signatures don't verify. It could be a runtime option or
something, I guess. How does zipimport work anyway? I don't see it
in the library doc index for 2.3.
More information about the Python-list
mailing list