[Zope] Re: [Crew] Re: External Methods?

Tres Seaver tseaver@palladion.com
Tue, 02 Mar 1999 14:16:27 -0600 

Christopher G. Petrilli wrote:
> 
> On Tue, Mar 02, 1999 at 01:43:10PM -0600, Tres Seaver wrote:
> 
> > The particulars of my case are that the control structures of DTML are not quite
> > powerful enough to accomplish my task;  of course, strengthening them, even in a
> > "sandbox" model, still leaves open the possibility for buggy/malicious code to
> > do ugly things (like your example below).
> 
> Well, it might help if you offered what control strucuture you need, we
> might be able to come up wit han interim solution.

Ok, the "teeth-cutting" example I am trying to implement generates math-facts
problems for my five year old.  In Python, two trivial functions:


I _think_ this one is easy in DTML:

    def problem( max_term, operators ) :
        """ Generate a single math-fact problem whose terms are within
            range( max_term + 1 ), using one of the supplied operators.
        """
        lhs = random.randrange( max_term + 1 )
        rhs = random.randrange( max_term + 1 )
        operation = operators[ random.randrange( len( operators ) ) ]
        return ( lhs, operation, rhs )

But not this one:

    def gen_problem( max_term, operators ) :
        """ Generate a math-fact problem whose terms and results are all within
            range( max_term ), using the supplied operators.
        """

        while 1 : # Arbitrary looping! (could benefit from
                  #   the dreaded assignment-in-conditional :)

            probStr = "%d %s %d" % problem( max_term, operators )
            result = eval( probStr )

            if 0 <= result and result <= max_term :
                return probStr

And of course, the DTML syntax for something like this is going to be ugly.

> 
> > Actually, the possibility which seemed most interesting was Doug Wyatt's
> > suggestion of "federating" a set of independent Zbases under one (at least
> > apparently one) server.  Then any damage my ExternalMethod did would be to the
> > Zbase would be on my own head, at least.  If that server were actually a process
> > running as me, then standard system security procedures should probably be fine.
> >
> 
> TO me this is just a hack to get around it near term, and doesn't fix
> the problem.  Also if you have 100 users, do you have 100 instances of
> zope running under 1 ZServer?  That sounds like a true administrative
> nightmare...  And substantial overkill.

One instance per "sandbox", not one per user (although on starship this is a
distinction without a difference).  The "content manager only" applications will
do fine in a single Zope instance, as now.

-- 
=========================================================
Tres Seaver         tseaver@palladion.com    713-523-6582
Palladion Software  http://www.palladion.com