[Zope-dev] Re: RestrtrictedPython vs zope.security.untrustedpython
Chris Withers
chris at simplistix.co.uk
Mon Nov 19 18:15:18 EST 2007
Philipp von Weitershausen wrote:
> On 19 Nov 2007, at 20:26 , Chris Withers wrote:
>>>> So, I'm guessing RestrictedPython is the one to aim for?
>>> No idea what you need...
>>
>> http://mail.python.org/pipermail/python-list/2007-November/466438.html
>
> It seems like zope.security does exactly what you need (e.g. user code
> shouldn't have to import anything as long as you pass proxied objects).
Indeed, but how do you prevent importing and insecure builtins like
"open" without RestrictedPython?
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
More information about the Zope-Dev
mailing list