[Zope] Scripts, external methods and security

Dieter Maurer dieter@handshake.de
Tue, 18 Jun 2002 21:35:48 +0200


Adrian Blockley writes:
 > We are using Zope to publish some air quality data for our part of the 
 > world.  We have written a number of simple Zope Python scripts and 
 > external methods to access the air quality data.
 > 
 > I have to confess we are all relative newbies when it comes to Zope and 
 > Python.  One of the things I need to check is what level of script 
 > hardening and security measures do we need to take.  We have a bit more 
 > experience with Perl CGI scripts and have done standard hardening such 
 > as filtering out metacharacters etc.  Do we need to take similar 
 > measures with Zope Python scripting? What other security measures do we 
 > need to take?

Chris Withers has a Strip-O-Gram module that might help you to
sanitize user input.


Dieter