[Zope-dev] PageTemplateFile vs. Bindings vs. Security
Dario Lopez-Kästen
dario at ita.chalmers.se
Thu Mar 25 06:22:39 EST 2004
Jamie Heilman wrote:
> Martijn Faassen wrote:
>
>>On the other hand, in situations where the PageTemplate designers are
>>*not* security conscious (they're designers, not primarily programmers)
>>the option of explicit checks is useful.
>
> PageTemplateFile is a class used by Product authors, just like
> DTMLFile. If you can write a product, you are either security
> conscious or your product is worthless.
exactly. let's not design technical solutions to non-technical problems.
These kind of tools (ie Zope and Zope products) should be versatile, and
constraints on their usage should come from best practices anc conscient
knowledge and not from the way the tools are implemented.
/dario
--
-- -------------------------------------------------------------------
Dario Lopez-Kästen, IT Systems & Services Chalmers University of Tech.
More information about the Zope-Dev
mailing list