www.fifi.org
    Documentation
        Manpages
        GNU Info
        Debian document tree
        Whole document tree
    Trigance web page
    Public services
    User info
    Mailing lists
    Secure server
    Multilingual usage
 

Copyright (C) 2000-2012
Philippe Troin
<webmaster@fifi.org>.

Validate HTML
Validate CSS

    

GNU Info

Info Node: (python2.1-lib.info)Bastion

(python2.1-lib.info)Bastion

Prev: rexec Up: Restricted Execution
Enter node , (file) or (file)node 

Restricting access to objects
=============================

Providing restricted access to objects.  This module was written by
Barry Warsaw <bwarsaw@python.org>.
According to the dictionary, a bastion is "a fortified area or
position", or "something that is considered a stronghold."  It's a
suitable name for this module, which provides a way to forbid access to
certain attributes of an object.  It must always be used with the
`rexec' module, in order to allow restricted-mode programs access to
certain safe attributes of an object, while denying access to other,
unsafe attributes.

`Bastion(object[, filter[, name[, class]]])'
     Protect the object OBJECT, returning a bastion for the object.
     Any attempt to access one of the object's attributes will have to
     be approved by the FILTER function; if the access is denied an
     `AttributeError' exception will be raised.

     If present, FILTER must be a function that accepts a string
     containing an attribute name, and returns true if access to that
     attribute will be permitted; if FILTER returns false, the access
     is denied.  The default filter denies access to any function
     beginning with an underscore (`_').  The bastion's string
     representation will be `<Bastion for NAME>' if a value for NAME is
     provided; otherwise, `repr(OBJECT)' will be used.

     CLASS, if present, should be a subclass of `BastionClass'; see the
     code in `bastion.py' for the details.  Overriding the default
     `BastionClass' will rarely be required.

`BastionClass(getfunc, name)'
     Class which actually implements bastion objects.  This is the
     default class used by `Bastion()'.  The GETFUNC parameter is a
     function which returns the value of an attribute which should be
     exposed to the restricted execution environment when called with
     the name of the attribute as the only parameter.  NAME is used to
     construct the `repr()' of the `BastionClass' instance.
automatically generated by info2www version 1.2.2.9