Add support for restricting access based on restricted execution mode.

Renamed the 'readonly' field to 'flags' and defined some new flag
bits: READ_RESTRICTED and WRITE_RESTRICTED, as well as a shortcut
RESTRICTED that means both.
This commit is contained in:
Guido van Rossum 2001-09-17 19:28:08 +00:00
parent bf80a033ee
commit c299fc16f2
2 changed files with 22 additions and 7 deletions

View File

@ -31,7 +31,7 @@ struct memberlist {
char *name;
int type;
int offset;
int readonly;
int flags;
};
/* Types */
@ -58,9 +58,13 @@ struct memberlist {
#define T_PSTRING_INPLACE 15
#endif /* macintosh */
/* Readonly flag */
/* Flags */
#define READONLY 1
#define RO READONLY /* Shorthand */
#define READ_RESTRICTED 2
#define WRITE_RESTRICTED 4
#define RESTRICTED (READ_RESTRICTED | WRITE_RESTRICTED)
DL_IMPORT(PyObject *) PyMember_Get(char *, struct memberlist *, char *);
DL_IMPORT(int) PyMember_Set(char *, struct memberlist *, char *, PyObject *);

View File

@ -38,6 +38,12 @@ PyMember_Get(char *addr, struct memberlist *mlist, char *name)
for (l = mlist; l->name != NULL; l++) {
if (strcmp(l->name, name) == 0) {
PyObject *v;
if ((l->flags & READ_RESTRICTED) &&
PyEval_GetRestricted()) {
PyErr_SetString(PyExc_RuntimeError,
"restricted attribute");
return NULL;
}
addr += l->offset;
switch (l->type) {
case T_BYTE:
@ -133,17 +139,22 @@ PyMember_Set(char *addr, struct memberlist *mlist, char *name, PyObject *v)
for (l = mlist; l->name != NULL; l++) {
if (strcmp(l->name, name) == 0) {
if ((l->flags & READONLY) || l->type == T_STRING
#ifdef macintosh
if (l->readonly || l->type == T_STRING ||
l->type == T_PSTRING)
|| l->type == T_PSTRING
#endif
)
{
#else
if (l->readonly || l->type == T_STRING ) {
#endif /* macintosh */
PyErr_SetString(PyExc_TypeError,
"readonly attribute");
return -1;
}
if ((l->flags & WRITE_RESTRICTED) &&
PyEval_GetRestricted()) {
PyErr_SetString(PyExc_RuntimeError,
"restricted attribute");
return -1;
}
if (v == NULL && l->type != T_OBJECT) {
PyErr_SetString(PyExc_TypeError,
"can't delete numeric/char attribute");