[Zope-dev] Re: RestrtrictedPython vs zope.security.untrustedpython
Chris Withers
chris at simplistix.co.uk
Mon Nov 19 14:26:07 EST 2007
Philipp von Weitershausen wrote:
> Yes, it's a low-level compiler for Python code that replaces certain
> operations such as getattr with respective guards. You'll have to
> provide such guards, though. "Script (Python)" is based on
> Shared.DC.Scripts which implements such guards that do checks based on
> AccessControl.
>
> It looks like zope.security.untrustedpython integrates RestrictedPython
> with zope.security.
Ahhhh, I see now...
>> So, I'm guessing RestrictedPython is the one to aim for?
>
> No idea what you need...
http://mail.python.org/pipermail/python-list/2007-November/466438.html
Out of interest, if all non-standard objects (ie: content) are wrapped
in security proxies, do getattr and setattr still need to be overridden?
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
More information about the Zope-Dev
mailing list