[Zope] Python Method
Farzad Farid
farzy@via.ecp.fr
Thu, 10 Feb 2000 14:48:25 +0100
On Thu, Feb 10, 2000, Phil Harris wrote:
> To my understanding the security model applied to Python Methods does not
> allow you to access files that sit on the 'real' filesystem.
>
> It would be a *huge* security hole to allow this.
>
> You are going to have to use an external method to accomplish what you
> desire.
>
Or, if you are reckless, you can edit the file
lib/python/Products/PythonMethod/Guarded.py and set 'do_XXX' to
1. After you restart Zope you'll have a new object called 'XXX Python
Method' that can use the 'open' and 'import' functions, among other
benefits. This method seems a bit dangerous but I needed it.
The problem is that the PythonMethod product gives you all or nothing
depending on this variable, there is no intermediate security level.
--
Farzad FARID <farzy@via.ecp.fr>
Ingénieur Informatique Libre
Alcôve - http://www.alcove.fr/