[Zope] Using md5 with allow_module

Running Clam running.clam at gmail.com
Mon Jan 7 16:10:32 EST 2008


Hi,

I have a need to generate an md5 hash for an XML fragment generated by
TTW Zope code.

I thought I could do this with "allow_module" - I have a
pseudo-product with an __init_,py that contains: -

# Global module assertions for Python scripts
from Products.PythonScripts.Utility import allow_module
allow_module("md5")

In my TTW python script, I have: -

import md5

hash=md5.new()
hash=hash.update('test')

...but when I execute the script I get: -

Error Type: Unauthorized
Error Value: The container has no security assertions. Access to
'update' of (md5.md5 object at 0xb98ab00) denied.

I'm basing this on: -

http://www.zope.org/Documentation/Books/ZDG/current/Security.stx

...specifically the section entitled " Utility Functions For Allowing
Import of Modules By Through The Web Code".

I thought I understood this, and have used it with other Python
modules, but based on what is happening with the md5 module, I
obvioulsy don't!

Can someone clue me in, or point me towards more recent or explicit
documentation, please?

--

Cheers,

Philip


More information about the Zope mailing list