On 15.10.2008 14:44 Uhr, Martijn Faassen wrote:
Hi there,
On Wed, Oct 15, 2008 at 2:30 PM, Andreas Jung<lists@zopyx.com> wrote:
If the latter, what about the security review for untrusted code? You mean the review of RestrictedPython?
Yes.
If RestrictedPython is to be reviewed for changes, it *might* be easier to do this for 2.4 -> 2.5 instead of the big leap of two python versions. This depends a bit on how such a review is structured.
If Python 2.6 is the latest official Python version of the 2.X line that there is a chance that this version will be supported by the Python community in the long term. So supporting Python 2.4 or Python 2.5 does not make much sense to me. RestrictedPython: I talked with Alan Runyan about this topic at the Plone conference....if we are serious then RP has to be reviewed. But who can review it and how long would it take. There are possibly only a limited number of people with the experience and skills for performing such a review. The last review took several person days (as far as I can remember). So the review process is possibly tied to some financial resource in order to sponsor the review. Andreas