RE: [Zope-dev] Trying to design a PythonMethod Product
<noodling about a Python Method object...>
3. Disallow "del" and "exec" entirely.
Why disallow 'del'?
Because: import sys del sys.path del sys.modules['__builtin__'] del __builtins__ del sys.modules del something_else_important ...would be a pretty good way to attack a system :^) Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com
import sys del sys.path del sys.modules['__builtin__'] del __builtins__ del sys.modules del something_else_important
...would be a pretty good way to attack a system :^)
The planned restrictions on what you can import wouldn't allow this particular spelling, and wrappers could be used to protect imported modules, but it does seem much simpler to just leave the "del" worms neatly packed in the can. It would be possible to allow "del" of local variables only, but I don't see any point to that, so off with its head! Evan Simpson
participants (2)
-
Brian Lloyd -
Evan Simpson