Working with untrusted coders
M.-A. Lemburg
mal at lemburg.com
Wed Apr 10 16:58:35 EDT 2002
Mark McEahern wrote:
>
> [Arnau Rossells]
> > [...]Python security
> > about private elements and others is merely a "don't step on the grass"
> > sign, everybody can change private functions and data in classes and even
> > modules. I'd like to know if there is some way of really securing python,
> > so parts of the code can't be overriden by the coders. Has anybody tried
> > it?
>
> I haven't used this but it may be what you're looking for:
>
> http://www.lemburg.com/files/python/mxProxy.html
Right. mxProxy allows wrapping all kinds of Python objects with
proxies and was designed for just this purpose. The underlying
objects can control which APIs are to be accessible and mxProxy
filters out any reference to the real object.
Of course, you have to make sure that the objects isn't
referenced anywhere else to feel secure. Also note that you
can work around the mxProxy protection by writing a C
extension for this purpose.
> By the way, here's the Google search that resulted in the above as the first
> hit:
>
> http://www.google.com/search?hl=en&q=python+proxy+access
>
> It's always a good idea to search for things first and Google is your
> friend.
Indeed :-)
--
Marc-Andre Lemburg
CEO eGenix.com Software GmbH
______________________________________________________________________
Company & Consulting: http://www.egenix.com/
Python Software: http://www.egenix.com/files/python/
More information about the Python-list
mailing list