[Zope] Import & Zope Security
Chris Withers
chrisw@nipltd.com
Mon, 11 Sep 2000 11:25:27 +0100
Martijn Pieters wrote:
> No it isn't. Web access to class instances is handled by permissions.
> Unpickling will cause class instantiation in the python process, where you
> have no control over what get's created.
Surely you could pipe this process through the Zope security process?
> You can create a custom
> unpickling class, but one that would handle the Zope range of objects
> would be, in Jim's words "tricky".
...then again, maybe not :-(
*sigh*
Chris :-)