Chris McDonough writes:
With regards to the restrictions on certain Python functions within Zope, eval is definitely a no-no (as you could cause code to be executed that you otherwise would not have privileges to execute, perhaps something like "eval('context.Control_Panel.manage_shutdown()')". But Zope could expose safe versions of a set of urgently missing functions, example:
has_attribute(obj,attr) (defined as "hasattr(aq_base(obj),attr)") safe_eval (implemented the same way as evaluation in DTML or Page Template)
But I'm afraid I can't actually think up a scenario where deepcopy or copy would cause problems. What, when I try to "deepcopy" the application root. I can imagine that this operation is quite a big load for a large Zope site.
Dieter