On 8/16/05, David Fetter <david@fetter.org> wrote:
> It's not. In PL/parlance, "trusted" means "prevented from ever
> opening a filehandle or a socket," and PL/PythonU is called
> PL/Python*U* (U for *un*trusted) because it cannot be so prevented.
>
> If somebody has figured out a way to make a PL/Python (without the U),
> that's great, but nothing has happened on this front in a couple of
> years, and Guido said that it was a problem with the language that he
> wasn't going to fix.
It's not a problem in the *language*, it's a problem in the
implementation. There are other implementations of python, including
one inside the JavaVM.
It's also one which could be worked around with the existing python
implementation by completely sandboxing the process running python
(i.e. via seccomp in linux for example).
Yes, it's a problem, yes it should be fixed. But it is BS to claim
that python fundamentally has a problem and needs to be removed
because of it, just as much as it would be BS to claim that ruby
should forbidden because it permits the same sort of unmaintainable
syntax that has plagued perl for years. :)
