17 Dec
2010
17 Dec
'10
7 p.m.
I am looking at a situation (an online self registry process) where I want to allow a user that is not logged in to be able to create a user and do a number of other functions normally reserved for and restricted to logged in users with a fairly elevated rights. I need to perform these functions from a Python script. What is the best strategy for doing this? I am thinking that creating a separate python script that has elevated rights and allowing Anonymous access to it and calling it from a script that does not have elevated rights is the best strategy to manage it. Am I creating a huge security hole by doing this?