Tres Seaver wrote:
Ugh. -1 to any attempt to use "space suits" in Z2. I would rather move to a model which made it easy to mark some / all TTW objects as "trusted", disabling security checks altogether: the "untrusted users can edit TTW code" use case is pretty much irrelevant for any site I have worked on, with the exception of "old Zope.org", in ten years of working with Zope.
Well yeah, but there's two cases which I bump into a lot: - semi-trusted and clued users editting ttw - paranoia over damage to anything other than the ZODB in the case of a TTW site having its auth compromised. (eg: someone writing their password on a post-it note) For both of these, RestrictedPython working as advertising would be a "good thing"... cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk