Add support for restricting access based on restricted execution mode.

gvanrossum · gvanrossum · commit c299fc16f2a8 · 2001-09-17T19:28:08.000Z
Renamed the 'readonly' field to 'flags' and defined some new flag
bits: READ_RESTRICTED and WRITE_RESTRICTED, as well as a shortcut
RESTRICTED that means both.
diff --git a/Include/structmember.h b/Include/structmember.h
@@ -31,7 +31,7 @@ struct memberlist {
 	char *name;
 	int type;
 	int offset;
-	int readonly;
+	int flags;
 };
 
 /* Types */
@@ -58,9 +58,13 @@ struct memberlist {
 #define T_PSTRING_INPLACE	15
 #endif /* macintosh */
 
-/* Readonly flag */
+/* Flags */
 #define READONLY	1
 #define RO		READONLY		/* Shorthand */
+#define READ_RESTRICTED	2
+#define WRITE_RESTRICTED 4
+#define RESTRICTED	(READ_RESTRICTED | WRITE_RESTRICTED)
+
 
 DL_IMPORT(PyObject *) PyMember_Get(char *, struct memberlist *, char *);
 DL_IMPORT(int) PyMember_Set(char *, struct memberlist *, char *, PyObject *);
diff --git a/Python/structmember.c b/Python/structmember.c
@@ -38,6 +38,12 @@ PyMember_Get(char *addr, struct memberlist *mlist, char *name)
 	for (l = mlist; l->name != NULL; l++) {
 		if (strcmp(l->name, name) == 0) {
 			PyObject *v;
+			if ((l->flags & READ_RESTRICTED) &&
+			    PyEval_GetRestricted()) {
+				PyErr_SetString(PyExc_RuntimeError,
+						"restricted attribute");
+				return NULL;
+			}
 			addr += l->offset;
 			switch (l->type) {
 			case T_BYTE:
@@ -133,17 +139,22 @@ PyMember_Set(char *addr, struct memberlist *mlist, char *name, PyObject *v)
 	
 	for (l = mlist; l->name != NULL; l++) {
 		if (strcmp(l->name, name) == 0) {
+			if ((l->flags & READONLY) || l->type == T_STRING
 #ifdef macintosh
-			if (l->readonly || l->type == T_STRING ||
-			    l->type == T_PSTRING)
+			    || l->type == T_PSTRING
+#endif
+				)
 			{
-#else
-			if (l->readonly || l->type == T_STRING ) {
-#endif /* macintosh */
 				PyErr_SetString(PyExc_TypeError,
 						"readonly attribute");
 				return -1;
 			}
+			if ((l->flags & WRITE_RESTRICTED) &&
+			    PyEval_GetRestricted()) {
+				PyErr_SetString(PyExc_RuntimeError,
+						"restricted attribute");
+				return -1;
+			}
 			if (v == NULL && l->type != T_OBJECT) {
 				PyErr_SetString(PyExc_TypeError,
 				  "can't delete numeric/char attribute");
