Re: [Zope] Using md5 with allow_module
Hi Andreas, On 1/8/08, Andreas Jung [EMAIL PROTECTED] wrote: Enough people have struggled with this that I'd like to understand it well enough to add something to the wiki for the next person who has the problem... There is an intriguing comment at the end of the page: http://wiki.zope.org/zope2/HowToAddModulesToRestrictedCode Yes, I saw that. I've been in this situation a couple of times before, and have not pursued the allow_modules() option because it was simple enough to create an external method. However, this seemed like a nice simple case where allow_modules() should work, so I wanted to get to the bottom of it and understand my previous problems. From what you say, the most useful comment I could add to the wiki would be to quote your original response that allow_module() does not work with all and everything and add my own conclusion that if allow_module() does not work in a given case it is not worth spending much troubleshooting time on. I'm happy to accept your advice that allow_modules() simply won't work in all cases - but that's the advice I wish I'd found in the wiki 24 hours ago... -- Cheers, Philip ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Using md5 with allow_module
Hi, I have a need to generate an md5 hash for an XML fragment generated by TTW Zope code. I thought I could do this with allow_module - I have a pseudo-product with an __init_,py that contains: - # Global module assertions for Python scripts from Products.PythonScripts.Utility import allow_module allow_module(md5) In my TTW python script, I have: - import md5 hash=md5.new() hash=hash.update('test') ...but when I execute the script I get: - Error Type: Unauthorized Error Value: The container has no security assertions. Access to 'update' of (md5.md5 object at 0xb98ab00) denied. I'm basing this on: - http://www.zope.org/Documentation/Books/ZDG/current/Security.stx ...specifically the section entitled Utility Functions For Allowing Import of Modules By Through The Web Code. I thought I understood this, and have used it with other Python modules, but based on what is happening with the md5 module, I obvioulsy don't! Can someone clue me in, or point me towards more recent or explicit documentation, please? -- Cheers, Philip ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Using md5 with allow_module
Hi All, Sorry Andreas - I hit reply instead of reply-all, and sent my response only to you. Thanks for your reply. On 1/8/08, Andreas Jung [EMAIL PROTECTED] wrote: FAQ! Yes, there have been a good few questions about this - I spent a lot of time googling yesterday, and found a couple of threads where the questioner seems to have given up at this point. The problem seems to be that it works some of the time - I have another case where it works (pywintypes, FWIW). allow_module() does not work with all and everything. Use an external method or a browser view instead or move your code into your zope product code (if you have one). In this case, how could I know that allow_module() will not work with md5? IOW, how could I tell the difference between a module not being a candidate for allow_module() and an error in my own code? I understand that an external method or a product are my other choices, but I'm really uncomfortable about not understanding how I can tell when I can and when I cannot use allow_module() - at the moment, this feels horribly like trial and error coding! Enough people have struggled with this that I'd like to understand it well enough to add something to the wiki for the next person who has the problem... -- Cheers, Philip ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )