[Zope] External / Internal Methods
Christopher G. Petrilli
petrilli@amber.org
Mon, 1 Mar 1999 09:50:12 -0500
On Mon, Mar 01, 1999 at 10:16:18AM -0000, julian@zereau.net wrote:
>
> On 26-Feb-99 Michael Bernstein wrote:
> > "Christopher G. Petrilli" wrote:
> >>
> >> I vaguely recall this being discussed in the past, but I can't find it
> >> in my archives...
> >>
> >> Has anyone tried to make a comparable thing to an "External Method" but
> >> that is contained in the database itself?
> >
> > I believe that this was rejected by DC because of security issues.
> > Letting people store and run Python code directly in the database is
> > essentially the same as giving someone complete access to the system.
>
> Does python have anything equivalent to Perl's taint mode? Because if it does
> then this could be used. That and restricting allowable APIs from internal
> methods - again, if this is possible.
>
I don't want to get into a language war, but as someone who lives and
breathes security, taint mode is a joke. Python's rexec module would be
great (as would Bastion), but this is going to require a much higher
level of ZopeZen to implement than I currently have. Yes, I know my
proposal was fraught with huge security problems, but regardless it is
valuable to some people in the near term (such as those of us on the
Starship).
BTW, requiring write access to the file system is only trivially more
secure.
Chris
--
| Christopher Petrilli
| petrilli@amber.org
| ``Television is bubble-gum for the mind.'' -Frank Lloyd Wright