[Zope-Coders] Re: [Zope-Checkins] CVS: Zope/lib/python/AccessControl - ZopeGuards.py:1.13

[Chris Withers]

R. David Murray wrote:
> 
> Because one of the fundamentals of security is that you deny things
> by default, and allow them in particular.  ie: allow an import
> only of a module you have reviewed and marked as safe.

But you can already import arbitary modules if you dump them in the Products 
directory. Is that dangerous?

> I hate to suggest yet-another-environment-variable, but maybe you could
> have your modification be active only if the admin sets a flag,
> so that he has to take action to lower the security posture of his
> site in order to get the functionality.  Pending a better fix.

It'd probably be just as easy for someone with the prerequisite knowledge to 
spend 5 minutes coming up with a fix that makes everyone happy and the secuirty 
assertions work as documented.

cheers,

Chris