18 Jun
2002
18 Jun
'02
7:35 p.m.
Adrian Blockley writes:
We are using Zope to publish some air quality data for our part of the world. We have written a number of simple Zope python scripts and external methods to access the air quality data.
I have to confess we are all relative newbies when it comes to Zope and Python. One of the things I need to check is what level of script hardening and security measures do we need to take. We have a bit more experience with perl CGI scripts and have done standard hardening such as filtering out metacharacters etc. Do we need to take similar measures with Zope python scripting? What other security measures do we need to take? Chris Withers has a Stip-O-Gram module that might help you to sanitize user input.
Dieter