[Zope3-dev] Calling persistent function
Jim Fulton
jim at zope.com
Wed Jan 28 11:27:32 EST 2004
Danny Smith wrote:
> --- Jim Fulton <jim at zope.com> wrote:
>
>
>>This is because, before you can use a file-system
>>module, you must make a security assertion for it
>>in zpt. The following should work:
>>
>><module module="time">
>> <allow attributes="asctime" />
>></module>
>>
>>Obviously, it would be nice for someone to add a lot
>>of these declarations for standard modules to the
>>standard
>>z3 configuration.
>
>
> Every attribute of every standard module?
No, only those that are safe.
> What about
> standard classes and their attributes and methods,
> would security assertions be needed for the whole
> standard library API?
No, only those that are likely to be needed, and
that are safe. :)
> Sounds like a LOT of xml.
It's a lot of security assertions. In Zope 2,
we made the mistake of trying to avoid this sort of
work by trying to use rules to implicitly deduce what
should be made available. This was a huge mistake.
Deny unless specifically allowed requires a lot
more work, but is the only way to go.
> One question, FieldStorage.read() (I think that's the
> method) is forbidden, so Zope 3 web scripters can't
> deal with file uploads. Would I put a similar
> security assertion somewhere?
Yes.
> Sould this go in the
> relevant package's configure.zcml?
Not sure what you mean by the relevent package.
There should perhaps be a file, say, standard.zcml in zope.app
that contains a lot of these sort of declarations.
I haven't given the issue of where to put these files a lot of
thought, nor do I want to take the time to now. :)
Perhaps some others here can help you work this out.
(BTW, are you a contributor?)
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope3-dev
mailing list