[Zope-dev] Issues with restricted Python (was Re: Zope 2.12 - supported Python versions)

Chris Withers chris at simplistix.co.uk
Fri Oct 31 13:27:07 EDT 2008


Shane Hathaway wrote:
> Yes, and if such a change leads to faster adoption of new Python
> releases by Zope, then it seems like a worthwhile effort.  Instead of a
> tree mutator, RestrictedPython would use a tree copier with a filter.
> New Python features would initially not be supported at all, but that's
> better than accidentally, insecurely, supporting new features.

This sounds like a great idea apart from the caveats I've already 
mentioned about breaking out of an environment comprised of only safe 
builtins, which no-one replied to yet.

How would we get going on this?

cheers,

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk


More information about the Zope-Dev mailing list