[Zope] New restricted python - How to use in my Product?
Christian Theune
ct@gocept.com
Tue, 31 Jul 2001 09:23:36 +0200
--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hmm. I take a look and am a bit confused.
With the old python (rexec) i had the possibility
to have something evaluated fairly(?) secure within
3 lines. Now I shall create a THAT big class and
environment to have a simple evaluation?
Well, I don't need Zope restrictions nor enhancements.
And I don't need to be in a Zope namespace.
I just need to evaluate single, simple python statements
like:
None
[1,2,3,4]
1
'asdf'
Is there an easier way? Just using eval() is supposed to
be unsecure.
Thanks
Christian
On Mon, Jul 30, 2001 at 09:44:45AM -0400, Evan Simpson wrote:
> Christian Theune wrote:
>=20
> > With Zope 2.4.0 there is the new RestrictedPython module
> > with this "expression" thing, but I can't find any
> > useful documentation on how to use that.
>=20
>=20
> Check out the PythonExpr class in ZRPythonExpr.py of PageTemplates. It=
=20
> shows how to compile and evaluate an expression with Zope restrictions.
>=20
> Cheers,
>=20
> Evan @ 4-am & Zope
>=20
>=20
>=20
--=20
Christian Theune - ct@gocept.com
gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt
tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981
reduce(lambda x,y:x+y,[chr(ord(x)^42) for x in 'zS^BED\nX_FOY\x0b'])
--MGYHOYXEY6WxJCY8
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Weitere Infos: siehe http://www.gnupg.org
iD8DBQE7Zlz4dUt9X/gknwIRAgNoAJ9GDDAbzHSdFtNef5T1IPCZekDDfQCgx+TW
PO1pNzYy5ulLczQQukdzS10=
=lZk8
-----END PGP SIGNATURE-----
--MGYHOYXEY6WxJCY8--