[Zope-dev] Re: RestrtrictedPython vs zope.security.untrustedpython
Philipp von Weitershausen
philipp at weitershausen.de
Mon Nov 19 15:05:55 EST 2007
On 19 Nov 2007, at 20:26 , Chris Withers wrote:
>>> So, I'm guessing RestrictedPython is the one to aim for?
>> No idea what you need...
>
> http://mail.python.org/pipermail/python-list/2007-November/466438.html
It seems like zope.security does exactly what you need (e.g. user code
shouldn't have to import anything as long as you pass proxied
objects). <shameless plug> My book's chapter 21 does a complete walk-
through of the zope.security system.</shamesless plug>
> Out of interest, if all non-standard objects (ie: content) are
> wrapped in security proxies, do getattr and setattr still need to be
> overridden?
Nope.
More information about the Zope-Dev
mailing list