ajones wrote:
What plans do you have for security in this? I would think that in
order to trust this over the network you would at least need a
certificate identifying the server as well as some method of verifying
package contents.

Either way, cool stuff.

I think this is an interesting project.

What if every module could be registered (at Python.org, for example)
with a unique URI, a hash digest, and optionally a list of one or more
source code sources (URLs)? Each module registered would have to have a
unique name, but that is probably a good thing anyway.

Then before loading a module the urlimport code could query something like

"http://Python.org/cheeseshop/moduleNS/%s" %moduleName

From whence would be returned a short text file, something like:


urlimport could then query the sources given, or any other known
repositories, until it found a module of matching digest.

What if you needed to use a certain version of a module for
compatibility? Then would module names like "ThisModuleName_2.71"
become necessary?

I wonder if the ripples of setting something like this up offend
Pythonic thinking... and if the utility of having this sort of
functionality would be worth risking some offense.

I guess this stuff has all been done before and Python has good reasons
for not pursuing it, but I wonder what those reasons are.


Search Discussions

Discussion Posts


Related Discussions

Discussion Navigation
viewthread | post
posts ‹ prev | 6 of 6 | next ›
Discussion Overview
grouppython-list @
postedFeb 23, '06 at 11:39p
activeFeb 25, '06 at 8:11p

3 users in discussion

Jure Vrscaj: 4 posts EP: 1 post Ajones: 1 post



site design / logo © 2019 Grokbase