[Zope-dev] XXXPythonScripts release 1.0
Evan Simpson
evan@4-am.com
Sun, 1 Jul 2001 15:06:46 -0500
After seeing the demand for this in a thread on ZopeZen, I've decided to
release XXXPythonScripts, at:
http://www.zope.org/Members/4am/XXXPythonScripts
This Product adds a new Script meta-type: "Script (Python, unsafe)".
You can only create or edit these objects when your Zope has been
started with a special environment variable set. The envar name is
whimsical, but this isn't a joke; By using this Product you add a risk
to your system equivalent to using Telnet to log in as the Zope user.
If somebody sniffs/guesses your login and this is turned on, they can
write Scripts to do whatever the Zope process user can do!
These are compatible with Zope 2.3.x only. I have no immediate plans to
make them work with 2.4.x, but it shouldn't be hard.
Cheers,
Evan @ digicool & 4-am