[Zope-dev] how and when to use SecurityManager.addContext

Jamie Heilman jamie@audible.transient.net
Mon, 19 May 2003 23:15:21 -0700


I'm trying to use the equivalent of a (mini) Script (Python) as an
attribute of a Product I'm writing.  I'm confused about how
SecurityManager.addContext works though, and when I should use it.
I'm far enough along in my product code that I'm able to write some
code in a textarea, store that, compile it as a restricted python
function, and execute it when I need to... but I'm not executing it in
any sort of special context.  I get the feeling I should be, though
I'm not sure why.  Is there any documentation on this stuff at all?
Tucked away somewhere?  The whole security policy stack, default
methods, custom methods, its all rather nebulous for me at the moment
and I don't particularly want to publish this product until I'm sure
I'm doing the right thing.

The product is a cache manager, the restricted code represents the
the function that aggregates the cache index, thus the function is
executed whenever a cache get or set is done.

-- 
Jamie Heilman                   http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
                                                        -Frank Zappa