[Zope] DTML, Zope and Regex

Paul Winkler pw_lists@slinkp.com
Wed, 10 Jul 2002 11:01:04 -0400


On Wed, Jul 10, 2002 at 03:17:14PM +0100, Ben Avery wrote:
> well, external methods are python scripts with no safety measures at 
> all, 

For one thing, they live on the filesystem. If somebody has read/write access
to your filesystem, you have much bigger problems than what th
can do to your external methods. e.g. rm -f var/Data.fs.

For another thing, you can control via zope's security interface who
has permission to add External Methods. So you can restrict them to
trusted developers.

At least, I think that's the idea...

-- 

Paul Winkler
home:  http://www.slinkp.com
"Muppet Labs, where the future is made - today!"