The Bastion Module
Problem
- Sometimes a restricted program needs to access an object created
in unrestricted mode
Solution
- A Bastion
- Basically just a "wrapper" that's placed around the object.
- Intercepts all attribute access with a filter function and either allows or prohibits access.
Example
import Bastion, StringIO
s = StringIO("") # Create a file like object
sbast = Bastion.Bastion(s,lambda x: x in ['read','readline'])
sbast.readline() # Okay
sbast.write("Blah") # Fails. Attribute error.
Note
-
Can't place Bastions around built-in types like files and sockets
|