The Doctor What <docwhat@gerf.org> wrote:

* Tres Seaver (tseaver@digicool.com) [001130 09:06]:

...

Chris Withers <chrisw@nipltd.com> wrote: 'lambda' is actually a keyword, not a function, and hence works fine in PM0.1.7. 'map()', 'filter()', et al., were deemed to be susceptible to being used in DOS attacks, and hence are not permitted in through-the-web code (they would need to be added to the '_' namespace, like 'str()', et aliae).

For those of us who are trying to figure out everything at a low level, where would this be in the source?

* 'lambda' as keyword: http://www.python.org/doc/1.5.2p2/ref/lambda.html#l2h-317 * DTML sets up the "safe" functions (available in the '_' namespace), in: $SOFTWARE_HOME/DocumentTemplate/DT_Util.py. * "Old" PythonMethod stuff tries hard to limit the user to the same set of "builtins" as DTML; see: $INSTANCE_HOME/Products/PythonMethod/Guarded.py (note that TemplateDict's "safe" methods are borrowed). Tres. -- =============================================================== Tres Seaver tseaver@digicool.com Digital Creations "Zope Dealers" http://www.zope.org