1 comment

[ 4.5 ms ] story [ 534 ms ] thread
This is a variation of an identity-centric security context for POSIX-based web platforms, which specifies containerization strategy of Python-targeted code.

Idea: run executable processes with impersonated user privilege, encapsulated as a function call:

    from encapsulate import exeCallObject, keyword

    def run():
        try: return exeCallObject \
            ('assets/Itham/services/component/query',
             keyword('keyword', 'value'),
             'arg1', 'arg2', 'arg3',
             compartmentalize = True)

        except exeCallObject.error as e:
            return namespace(code = e.returncode,
                             error = e.stderrOutput,
                             output = e.stdOutput)
Or:

    encapsule.isolate --post-context assets/Itham/services/component/query \
        --keyword=value arg1 arg2 arg3 \
        | wget 'https://network/channel/x' --method=post --post-file=-
Additional implementation is available online at: https://thetaplane.com