Hi, Someone has told me that if I wanted to access object in the filesystem, I had to use External Methods instead of use the local filesystem Zope Product. When I was seeing something in python, to can write the code, I went to the zope page and I discorery a Product that is like the External Method, that product was the Python Method that let us write the code python and let us access to the filesystem as the same way as the External Method. What I wanted is that, if someone as tryed this product, or External Method, because the code un Python is the same, if can help me in one thing. I have one folder in the filesystem that I want to access. I'm using the OPEN, to can open the folder and I want to read the content of that folder. The code line is like: f = open('var/spool/news/articles','r') But unfortanelly, when I reun this and the rest of the code, it gives me a Syntax Error. I think that the error may be in this code line, because the otherones are correct. Can anyone tell me a way to access the content of the folder access? The other problem that I have is, I want to search in some text, that it is too in the filesystem, for some words. For example: I want to find in that file, the word From: and when he founds the word, he has to write the text after to a variable. The code that I'm using is: for lines in f.readline(): if string.find(line,'Form:'): from=lines return from Is this code correct? If anyone could help me, that would be great!!! This is urgent, please send your answer to: psilva@ruido-visual.pt Thanks, Pedro Silva
To my understanding the security model applied to Python Methods does not allow you to access files that sit on the 'real' filesystem. It would be a *huge* security hole to allow this. You are going to have to use an external method to accomplish what you desire. HTH phil phil.haris@zope.co.uk -----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Pedro Silva Sent: Thursday, February 10, 2000 11:46 AM To: Zope - Questions Subject: [Zope] Python Method Hi, Someone has told me that if I wanted to access object in the filesystem, I had to use External Methods instead of use the local filesystem Zope Product. When I was seeing something in python, to can write the code, I went to the zope page and I discorery a Product that is like the External Method, that product was the Python Method that let us write the code python and let us access to the filesystem as the same way as the External Method. What I wanted is that, if someone as tryed this product, or External Method, because the code un Python is the same, if can help me in one thing. I have one folder in the filesystem that I want to access. I'm using the OPEN, to can open the folder and I want to read the content of that folder. The code line is like: f = open('var/spool/news/articles','r') But unfortanelly, when I reun this and the rest of the code, it gives me a Syntax Error. I think that the error may be in this code line, because the otherones are correct. Can anyone tell me a way to access the content of the folder access? The other problem that I have is, I want to search in some text, that it is too in the filesystem, for some words. For example: I want to find in that file, the word From: and when he founds the word, he has to write the text after to a variable. The code that I'm using is: for lines in f.readline(): if string.find(line,'Form:'): from=lines return from Is this code correct? If anyone could help me, that would be great!!! This is urgent, please send your answer to: psilva@ruido-visual.pt Thanks, Pedro Silva
On Thu, Feb 10, 2000, Phil Harris wrote:
To my understanding the security model applied to Python Methods does not allow you to access files that sit on the 'real' filesystem.
It would be a *huge* security hole to allow this.
You are going to have to use an external method to accomplish what you desire.
Or, if you are reckless, you can edit the file lib/python/Products/PythonMethod/Guarded.py and set 'do_XXX' to 1. After you restart Zope you'll have a new object called 'XXX Python Method' that can use the 'open' and 'import' functions, among other benefits. This method seems a bit dangerous but I needed it. The problem is that the PythonMethod product gives you all or nothing depending on this variable, there is no intermediate security level. -- Farzad FARID <farzy@via.ecp.fr> Ingénieur Informatique Libre Alcôve - http://www.alcove.fr/
On Thu, 10 Feb 2000 14:48:25 +0100, Farzad Farid <farzy@via.ecp.fr> wrote:
The problem is that the PythonMethod product gives you all or nothing depending on this variable, there is no intermediate security level.
I dont see much advantage to 'half secure'. Toby Dickenson tdickenson@geminidataloggers.com
On Thu, Feb 10, 2000, Toby Dickenson wrote:
On Thu, 10 Feb 2000 14:48:25 +0100, Farzad Farid <farzy@via.ecp.fr> wrote:
The problem is that the PythonMethod product gives you all or nothing depending on this variable, there is no intermediate security level.
I dont see much advantage to 'half secure'.
If for example I need a simple hashing function like md5 I cannot even use an 'import md5' statement in a PythonMethod. I have to use an External Method, therefore a root access on the server, which is quite painful, juste to be able to use that simple function. Unless I missed the point, but there's no documention in PythonMethod to help me. Regards -- Farzad FARID <farzy@via.ecp.fr> Ingénieur Informatique Libre Alcôve - http://www.alcove.fr/
participants (4)
-
Farzad Farid -
Pedro Silva -
Phil Harris -
Toby Dickenson