[Zope] Problem with regular expressions in python scripts (get
an unauthorized error message)
Joel Burton
jburton@scw.org
Tue, 31 Jul 2001 10:33:28 -0400 (EDT)
On Tue, 31 Jul 2001, Arnulf Heimsbakk wrote:
> I'm trying to use a regular expression in python-script. It gives me an
> unauthorized error every time I try to run it. Saving the script works
> without errors. What do I do wrong..?!!
Regular expressions cannot be used in Python Scripts because of security
problems.
It's very easy to write a regular expression that uses all of the memory
on your computer, or that goes into a near-infinite loop. Since
PythonScripts are designed to be written by average content designers,
this would give them the power to take down your site.
IIRC, you can add modules to
/lib/python/Products/PythonScripts/standard.py and then they can be made
available to Python Scripts. I'd take the security warning to heart,
though, unless you trust all of your managers.
--
Joel Burton <jburton@scw.org>
Director of Information Systems, Support Center of Washington