Jamie Heilman wrote:
Martijn Faassen wrote:
Shane Hathaway wrote:
There certainly ought to be a way to create an unrestricted PageTemplateFile, though it should be an explicit step.
That is a good suggestion. I'd like that option. It would also be a potential performance benefit.
On the other hand, in situations where the PageTemplate designers are *not* security conscious (they're designers, not primarily programmers) the option of explicit checks is useful.
PageTemplateFile is a class used by Product authors, just like DTMLFile. If you can write a product, you are either security conscious or your product is worthless.
I don't always write products by myself. I work in a larger team which may include some people who are very good at making beautiful HTML and can get a page template to work, but aren't Python developers and can't be expected to be experts on Zope security. In such situations it can be a good idea that security checks against the underlying API take place, though of course other forms of collaboration are possible where this need does not exist.

Regards,

Martijn
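An added illustration of the design the thread argues over: a template class whose traversal of the underlying objects is security-checked by default, with a separate, explicit constructor for the unrestricted variant (so the check-free fast path is never the accident of a default). This is example code written for this page, not Zope's PageTemplateFile or DTMLFile, whose real APIs differ; the `PageTemplate`, `Context` and `Unauthorized` names, the `${a.b}` syntax and the sample data are all constructed for the illustration.

```python
"""Restricted-by-default template rendering with an explicit unrestricted step.

Hypothetical example, not Zope's PageTemplateFile. The 'security check' here is
deliberately simple: in restricted mode a traversal step must be a declared
public name and must not start with an underscore.
"""
import re
from dataclasses import dataclass

# ${title} or ${user.name}: a dotted traversal path inside ${...}
_EXPR = re.compile(r"\$\{([A-Za-z_][A-Za-z0-9_.]*)\}")


class Unauthorized(Exception):
    """Raised when a restricted template tries to traverse a non-public name."""


@dataclass(frozen=True)
class Context:
    data: dict          # the object graph the template renders against
    public: frozenset   # names a restricted template is allowed to traverse


class PageTemplate:
    """Renders ${a.b.c} expressions against a Context.

    The default is restricted: every traversal step is checked. Skipping the
    checks is only possible through the explicit ``unrestricted`` constructor.
    """

    def __init__(self, source: str, restricted: bool = True):
        self.source = source
        self.restricted = restricted

    @classmethod
    def unrestricted(cls, source: str) -> "PageTemplate":
        # The explicit step: the Product author declares this template trusted.
        return cls(source, restricted=False)

    def _traverse(self, ctx: Context, path: str):
        obj = ctx.data
        for name in path.split("."):
            if self.restricted and (name.startswith("_") or name not in ctx.public):
                raise Unauthorized(name)
            obj = obj[name] if isinstance(obj, dict) else getattr(obj, name)
        return obj

    def render(self, ctx: Context) -> str:
        return _EXPR.sub(lambda m: str(self._traverse(ctx, m.group(1))), self.source)


def sample_context() -> Context:
    # Constructed sample data: a public title, a user with one private attribute.
    return Context(
        data={"title": "Hello", "user": {"name": "ann", "_password_hash": "x"}},
        public=frozenset({"title", "user", "name"}),
    )


def render_checked(source: str, ctx: Context):
    """Render a restricted template; return the text, or None if a check failed."""
    try:
        return PageTemplate(source).render(ctx)
    except Unauthorized:
        return None


if __name__ == "__main__":
    ctx = sample_context()
    print(render_checked("<h1>${title}</h1> ${user.name}", ctx))   # allowed
    print(render_checked("${user._password_hash}", ctx))           # None: blocked
    print(PageTemplate.unrestricted("${user._password_hash}").render(ctx))
```

The point of the shape is that a designer who can get a template to work gets the checked behaviour without knowing it exists, while the Product author who wants the check-free rendering has to name that choice in code where a reviewer will see it.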