Voodoo with ModuleSecurityInfo,
was Re: [Zope] importing encode_base64
Dieter Maurer
dieter at handshake.de
Fri Jun 10 14:31:02 EDT 2005
Paul Winkler wrote at 2005-6-9 15:42 -0400:
> ...
>> >ModuleSecurityInfo('Products.FooProduct').declarePublic(
>> > 'blah', 'foo')
>>
>> This allows something like:
>>
>> from Products.FooProduct import foo
>>
>> But, in fact, you use
>>
>> from Products.FooProduct import Utils
>> ... Utils.foo ...
>>
>> Strange, that it worked at all...
>
>Yeah, I think I just happened to hit on some undocumented
>behavior that *mostly* works.
Maybe, you should file a bug report:
Undocumented security related features might be viewed
as security holes...
Especially, if something unexpectedly becomes possible...
However, I think, this one in not overly critical.
--
Dieter
More information about the Zope
mailing list