我有多个脚本正在导出同一个接口,它们是在隔离范围内使用execfile()执行的。你知道吗
问题是,我希望它们共享一些资源,这样每个新脚本就不必从一开始就重新加载它们,从而降低启动速度并使用不必要的RAM。你知道吗
实际上,这些脚本的封装和防范恶意插件的能力比下面的示例要好得多,这就是我的问题开始的地方。你知道吗
问题是,我希望创建资源的脚本能够用数据填充它,删除数据或删除资源,当然还可以访问它的数据。你知道吗
但是其他脚本不能更改其他脚本的资源,只需读取它。我想确保新安装的插件不能通过滥用共享资源来干扰已经加载和运行的插件。你知道吗
示例:
class SharedResources:
# Here should be a shared resource manager that I tried to write
# but got stuck. That's why I ask this long and convoluted question!
# Some beginning:
def __init__ (self, owner):
self.owner = owner
def __call__ (self):
# Here we should return some object that will do
# required stuff. Read more for details.
pass
class plugin (dict):
def __init__ (self, filename):
dict.__init__(self)
# Here some checks and filling with secure versions of __builtins__ etc.
# ...
self["__name__"] = "__main__"
self["__file__"] = filename
# Add a shared resources manager to this plugin
self["SharedResources"] = SharedResources(filename)
# And then:
execfile(filename, self, self)
# Expose the plug-in interface to outside world:
def __getattr__ (self, a):
return self[a]
def __setattr__ (self, a, v):
self[a] = v
def __delattr__ (self, a):
del self[a]
# Note: I didn't use self.__dict__ because this makes encapsulation easier.
# In future I won't use object itself at all but separate dict to do it. For now let it be
----------------------------------------
# An example of two scripts that would use shared resource and be run with plugins["name"] = plugin("<filename>"):
# Presented code is same in both scripts, what comes after will be different.
def loadSomeResource ():
# Do it here...
return loadedresource
# Then Load this resource if it's not already loaded in shared resources, if it isn't then add loaded resource to shared resources:
shr = SharedResources() # This would be an instance allowing access to shared resources
if not shr.has_key("Default Resources"):
shr.create("Default Resources")
if not shr["Default Resources"].has_key("SomeResource"):
shr["Default Resources"].add("SomeResource", loadSomeResource())
resource = shr["Default Resources"]["SomeResource"]
# And then we use normally resource variable that can be any object.
# Here I Used category "Default Resources" to add and/or retrieve a resource named "SomeResource".
# I want more categories so that plugins that deal with audio aren't mixed with plug-ins that deal with video for instance. But this is not strictly needed.
# Here comes code specific for each plug-in that will use shared resource named "SomeResource" from category "Default Resources".
...
# And end of plugin script!
----------------------------------------
# And then, in main program we load plug-ins:
import os
plugins = {} # Here we store all loaded plugins
for x in os.listdir("plugins"):
plugins[x] = plugin(x)
假设我们的两个脚本都存储在plugins目录中,并且都使用一些加载到内存中的WAVE文件。 首先加载的插件将加载WAVE并将其放入RAM中。 另一个插件将能够访问已经加载的WAVE,但不能替换或删除它,从而与其他插件发生冲突。你知道吗
现在,我希望每个资源都有一个所有者,插件脚本的一些id或文件名,并且这个资源只能由它的所有者来写。你知道吗
任何调整或解决方法都不应使另一个插件能够访问第一个插件。你知道吗
我几乎做到了,然后就被卡住了,我的脑子里充满了概念,这些概念在实现的时候可以完成,但只能部分完成。 这把我吃了,所以我再也不能集中精力了。任何建议都欢迎!你知道吗
添加:
这是我现在使用的,不包括任何安全措施:
# Dict that will hold a category of resources (should implement some security):
class ResourceCategory (dict):
def __getattr__ (self, i): return self[i]
def __setattr__ (self, i, v): self[i] = v
def __delattr__ (self, i): del self[i]
SharedResources = {} # Resource pool
class ResourceManager:
def __init__ (self, owner):
self.owner = owner
def add (self, category, name, value):
if not SharedResources.has_key(category):
SharedResources[category] = ResourceCategory()
SharedResources[category][name] = value
def get (self, category, name):
return SharedResources[category][name]
def rem (self, category, name=None):
if name==None: del SharedResources[category]
else: del SharedResources[category][name]
def __call__ (self, category):
if not SharedResources.has_key(category):
SharedResources[category] = ResourceCategory()
return SharedResources[category]
__getattr__ = __getitem__ = __call__
# When securing, this must not be left as this, it is unsecure, can provide a way back to SharedResources pool:
has_category = has_key = SharedResources.has_key
现在是插件胶囊:
class plugin(dict):
def __init__ (self, path, owner):
dict.__init__()
self["__name__"] = "__main__"
# etc. etc.
# And when adding resource manager to the plugin, register it with this plugin as an owner
self["SharedResources"] = ResourceManager(owner)
# ...
execfile(path, self, self)
# ...
插件脚本示例:
#-----------------------------------
# Get a category we want. (Using __call__() ) Note: If a category doesn't exist, it is created automatically.
AudioResource = SharedResources("Audio")
# Use an MP3 resource (let say a bytestring):
if not AudioResource.has_key("Beep"):
f = open("./sounds/beep.mp3", "rb")
Audio.Beep = f.read()
f.close()
# Take a reference out for fast access and nicer look:
beep = Audio.Beep # BTW, immutables doesn't propagate as references by themselves, doesn't they? A copy will be returned, so the RAM space usage will increase instead. Immutables shall be wrapped in a composed data type.
这非常有效,但正如我所说的,在这里破坏资源太容易了。你知道吗
我希望ResourceManager()的一个实例负责向谁返回存储数据的哪个版本。你知道吗
所以,我的一般做法是这样。你知道吗
拥有一个中央共享资源池。通过此池的访问对每个人都是只读的。将所有数据打包到共享池中,这样“按规则玩”的人就不能编辑其中的任何内容。
每个代理(插件)在加载它时维护它“拥有”的知识。它为自己保留一个读/写引用,并向集中式只读池注册对资源的引用。
当一个插件被加载时,它会得到一个对中央只读池的引用,这个池可以注册新的资源。
因此,仅针对python本机数据结构(而不是自定义类的实例)的问题,一个相当封闭的只读实现系统如下所示。请注意,用于锁定它们的技巧与其他人用来绕过这些锁的技巧是相同的,因此如果有一点python知识的人正在积极尝试打破沙盒,那么沙盒是非常弱的。你知道吗
注意:这只在Python3.4上测试过,但我尝试编写它,使其与Python2和Python3兼容。你知道吗
使共享资源的根成为字典。给插件一个
ImmutableProxyMapping
的字典。你知道吗创建一个API,插件可以在其中向
public_shared_root
注册新资源,可能是先到先得(如果它已经存在,就不能注册)。用你知道需要的任何容器,或者任何你想与所有插件共享但你想成为只读的数据,预先填充private_shared_root
。你知道吗如果共享根映射中键的约定都是字符串(如文件系统路径(
/home/dalen/local/python
)或点路径(如python库对象(os.path.expanduser
))可能会很方便。这样一来,如果插件试图向池中添加相同的资源,那么冲突检测将是即时的、琐碎的/显而易见的。你知道吗相关问题 更多 >
编程相关推荐