[Zope-Coders] Re: [Zope-Checkins] CVS: Zope/lib/python/AccessControl - ZopeGuards.py:1.13
Martijn Pieters
mj@zope.com
Tue, 17 Dec 2002 14:57:41 -0500
On Tue, Dec 17, 2002 at 07:46:18PM +0000, Chris Withers wrote:
> But you can already import arbitary modules if you dump them in the
> Products directory. Is that dangerous?
The point is that untrusted users can cause imports. Only admins can cause
packages to be placed in Products; your change allows *any* package to be
imported.
--
Martijn Pieters
| Software Engineer mailto:mj@zope.com
| Zope Corporation http://www.zope.com/
| Creators of Zope http://www.zope.org/
---------------------------------------------