[Zope-dev] Re: RestrtrictedPython vs zope.security.untrustedpython

Philipp von Weitershausen philipp at weitershausen.de
Mon Nov 19 15:05:55 EST 2007


On 19 Nov 2007, at 20:26 , Chris Withers wrote:
>>> So, I'm guessing RestrictedPython is the one to aim for?
>> No idea what you need...
>
> http://mail.python.org/pipermail/python-list/2007-November/466438.html

It seems like zope.security does exactly what you need (e.g. user code  
shouldn't have to import anything as long as you pass proxied  
objects). <shameless plug> My book's chapter 21 does a complete walk- 
through of the zope.security system.</shamesless plug>

> Out of interest, if all non-standard objects (ie: content) are  
> wrapped in security proxies, do getattr and setattr still need to be  
> overridden?

Nope.



More information about the Zope-Dev mailing list