On 7/14/06, Nick Maclaren <[EMAIL PROTECTED]> wrote:
> "Guido van Rossum" <[EMAIL PROTECTED]> wrote:
> >
> > OK, then I propose that we wait to see which things you end up having
> > to provide to sandboxed code, rather than trying to analyze it to
> > death in abstracto.
>
> However, the ORIGINAL
"Guido van Rossum" <[EMAIL PROTECTED]> wrote:
>
> OK, then I propose that we wait to see which things you end up having
> to provide to sandboxed code, rather than trying to analyze it to
> death in abstracto.
However, the ORIGINAL proposal in this thread (to split off argv[0]
and/or make that and
On 7/14/06, Guido van Rossum <[EMAIL PROTECTED]> wrote:
On 7/14/06, Brett Cannon <[EMAIL PROTECTED]> wrote:> On 7/14/06, Guido van Rossum <[EMAIL PROTECTED]> wrote:> > Whoa, whoa. What's the *problem* we're trying to solve here?
>> I have a use case for sandboxing. I am already having to plan to h
On 7/14/06, Brett Cannon <[EMAIL PROTECTED]> wrote:
> On 7/14/06, Guido van Rossum <[EMAIL PROTECTED]> wrote:
> > Whoa, whoa. What's the *problem* we're trying to solve here?
>
> I have a use case for sandboxing. I am already having to plan to have a
> mini-sys module in a sandbox so that they can
On 7/14/06, Guido van Rossum <[EMAIL PROTECTED]> wrote:
Whoa, whoa. What's the *problem* we're trying to solve here?I have a use case for sandboxing. I am already having to plan to have a mini-sys module in a sandbox so that they cannot get access to dangerous things.
-BrettOn 7/14/06, Nick Coghla
Whoa, whoa. What's the *problem* we're trying to solve here?
On 7/14/06, Nick Coghlan <[EMAIL PROTECTED]> wrote:
> Greg Ewing wrote:
> > Maybe sys needs to be split into two modules, with
> > the non-sensitive one pre-imported (so that the
> > importless interpreter you suggest wouldn't be
> > unn
Greg Ewing wrote:
> Maybe sys needs to be split into two modules, with
> the non-sensitive one pre-imported (so that the
> importless interpreter you suggest wouldn't be
> unnecessarily crippled).
Maybe not splitting it, but providing a read-only mechanism of getting at
certain elements, with "im
Greg Ewing wrote:
> Nick Maclaren wrote:
>> On systems that are not Unix-derived (which, nowadays, are rare),
>> there is commonly no such thing as a program name in the first place.
>> It is possible to get into that state on some Unices - i.e. ones which
>> have a form of exec that takes a file d
Nick Maclaren wrote:
>> I don't think that applies to the Python args[] though,
>> since its args[0] isn't the path of the OS-level
>> executable, it's the path of the main Python script.
>
> Oh, yes, it does! The file descriptor or inode number could refer to
> the script just as well as it cou
Greg Ewing <[EMAIL PROTECTED]> wrote:
>
> > On systems that are not Unix-derived (which, nowadays, are rare),
> > there is commonly no such thing as a program name in the first place.
> > It is possible to get into that state on some Unices - i.e. ones which
> > have a form of exec that takes a fi
Nick Maclaren wrote:
> On systems that are not Unix-derived (which, nowadays, are rare),
> there is commonly no such thing as a program name in the first place.
> It is possible to get into that state on some Unices - i.e. ones which
> have a form of exec that takes a file descriptor, inode number
Guido van Rossum wrote:
> I'nm afraid if we
> were to split it by functionality we'd have to split it 5-way or so...
What about just splitting it into "mutable" and
"immutable" parts? That would be a fairly clear
division, I think.
--
Greg
___
Python-De
Ka-Ping Yee wrote:
> I think of 'sys' as the place for sensitive interpreter internals
Well, it seems to be rather a mixture at the moment.
I suppose you could regard sys.modules as fairly
sensitive, since messing with it can have big effects
on the behaviour of the whole program, and changing
sy
On systems that are not Unix-derived (which, nowadays, are rare),
there is commonly no such thing as a program name in the first place.
It is possible to get into that state on some Unices - i.e. ones which
have a form of exec that takes a file descriptor, inode number or
whatever.
This is another
On 7/13/06, Ka-Ping Yee <[EMAIL PROTECTED]> wrote:
> On Thu, 13 Jul 2006, Greg Ewing wrote:
> > Would it help if sys were pre-imported into the builtins?
> > Or do you think that args shouldn't live in sys at all?
>
> I feel like the command-line arguments don't really belong in sys,
> and i'd rath
On Thu, 13 Jul 2006, Greg Ewing wrote:
> Would it help if sys were pre-imported into the builtins?
> Or do you think that args shouldn't live in sys at all?
I feel like the command-line arguments don't really belong in sys,
and i'd rather not have 'sys' pre-imported into the builtins.
I think of
On 7/13/06, Greg Ewing <[EMAIL PROTECTED]> wrote:
Ka-Ping Yee wrote:> Having to 'import sys' to get at the command-line arguments always> seemed awkward to me. 'import sys' feels like it should be a> privileged operation (access to interpreter internals), and getting
> the command-line args isn't
Ka-Ping Yee wrote:
> Having to 'import sys' to get at the command-line arguments always
> seemed awkward to me. 'import sys' feels like it should be a
> privileged operation (access to interpreter internals), and getting
> the command-line args isn't privileged.
Would it help if sys were pre-imp
18 matches
Mail list logo
