14 Feb 2000, 11:33 p.m.
----- Original Message -----
From: Tres Seaver <tseaver@palladion.com>
Hmm, maybe we need to wrap any "global" dictionary / list in a "readonly decorator", and let lists/dictionaries declared locally be the "normal" ones.
It should be enough to have the wrapper not implement 'append', 'extend', etc., since DTML/PM security only lets method calls mutate these objects.

I would *love* to come up with a way to implement this on the DTML side rather than searching Zope for dangerous exposed mutable objects. One way would be to automatically wrap all *local* lists and dicts, then insert checks to allow only 'read' methods of raw types. Yechh.

Cheers,
Evan @ digicool
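An added illustration of the read-only wrapper idea discussed in this message; it is not part of the original thread and not Zope's code. `ReadOnly`, `guard` and `READ_METHODS` are hypothetical names, and the sketch assumes the restricted environment blocks access to underscore-prefixed attributes so that `_obj` cannot be reached directly.

```python
# Allowlist of read methods per raw type (hypothetical; anything absent is denied).
READ_METHODS = {
    list: {"count", "index"},
    dict: {"get", "keys"},
}

def guard(value):
    """Wrap raw lists/dicts; pass every other value through unchanged."""
    return ReadOnly(value) if type(value) in READ_METHODS else value

class ReadOnly:
    """Proxy that exposes only read operations of a wrapped list or dict."""
    __slots__ = ("_obj",)  # assumption: restricted code cannot touch _obj

    def __init__(self, obj):
        self._obj = obj

    def __getattr__(self, name):
        # Called for every name the proxy does not define, so 'append',
        # 'extend', 'update', etc. fail unless explicitly allowlisted.
        if name in READ_METHODS[type(self._obj)]:
            method = getattr(self._obj, name)
            return lambda *a, **kw: guard(method(*a, **kw))
        raise AttributeError(f"{name!r} is not a permitted read method")

    # Read-only protocol methods; results are re-wrapped so nested
    # containers cannot be mutated through the proxy either.
    def __getitem__(self, key):
        return guard(self._obj[key])

    def __iter__(self):
        return (guard(item) for item in self._obj)

    def __len__(self):
        return len(self._obj)

    def __contains__(self, item):
        return item in self._obj

def demo():
    shared = {"admins": ["evan", "tres"]}  # constructed sample "global" object
    view = guard(shared)
    results = [view.get("admins").count("evan"), len(view["admins"])]
    for attempt in (lambda: view["admins"].append("guest"),
                    lambda: view.update({"x": 1})):
        try:
            attempt()
            results.append("mutated")
        except AttributeError:
            results.append("blocked")
    return results, shared
```

Re-wrapping on every read is what keeps a nested list reachable from a wrapped dict from being handed out in its raw, mutable form.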