Will python never intend to support private, protected and public?
Mike Meyer
mwm at mired.org
Mon Oct 3 01:15:54 EDT 2005
Paul Rubin <http://phr.cx@NOSPAM.invalid> writes:
> Mike Meyer <mwm at mired.org> writes:
>> I'd say CPython was missing the features that you need to guarantee
>> that. Missing quite a *lot* of features, in fact. But Python has never
>> been about keeping people from writing bad code - it's about helping
>> people write good code.
> Privilege separation is considered a good coding practice. How does
> Python help it?
With conventions and name mangling. Which are only slightly less
effective than the C++/Java technic for doing the same thing.
>> Pretty much every attempt to restrict what other programmers do in
>> Python has failed - for "implementation issues". I think that's a good
>> sign that this kind of thing isn't going to work without some serious
>> work on the interpreter.
> You could take it as a sign that the interpreter could benefit from
> some serious work.
If you want it to become a secure environment to run untrusted code
in, then it definitely neede some serious work. I'd recommend starting
by copying /dev/null over all the .c and .h files. Of course, not
everyone wants that from Python, so they don't get any benefit from
such work.
> I don't know the situation in Jython.
I was going to suggest Jython as a better bet for getting something
rexec-like to work. Java was at least intended to provide a secure
environment to run untrusted code in, so you're not building on
quicksand. IronPython might also be worth a look, based on what little
(and it's very little) I know about .NET.
<mike
--
Mike Meyer <mwm at mired.org> http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.
More information about the Python-list
mailing list