RE: [Zope-dev] Import Libraries into Python Script
Brian Lloyd wrote:
> > What's wrong with:
>>
>> import imaplib
>> imaplib.__allow_access_to_unprotected_subobjects__ = 1
>
>Nothing is wrong with it per se - but using the SecurityInfo
>interfaces (even indirectly through the helper stuff I checked
>in to PythonScripts for 2.3.1) is more future-proof, in case
>the actual mechanics of protection change one day.
Thanks for explaining. I read the release notes for 2.3.1 just hours
after sending my question. Doing this with the new helper functions
sounds like a good way.
> > And, if the above is somehow bad or insecure, how would you use your
>> method to allow access to specific methods in a module, as in:
>>
>> import re
>> re.__allow_access_to_unprotected_subobjects__ = {
>> 'sub': 1,
>> }
>
>You can see a minimal example in the standard.py module in
>the PythonScripts package (though there is no helper shortcut
>for that method yet - there probably should be).
A helper shortcut would be nice :)
--
Itai Tavor -- "Je sautille, donc je suis."--
[EMAIL PROTECTED]-- - Kermit the Frog --
-- --
-- "Every day, once a day, give yourself a present" - Dale Cooper --
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Import Libraries into Python Script
Itai Tavor wrote: > > What's wrong with: > > import imaplib ^ That's the line that barfs... > imaplib.__allow_access_to_unprotected_subobjects__ = 1 ...so this one never gets executed ;-) cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] Import Libraries into Python Script
> What's wrong with:
>
> import imaplib
> imaplib.__allow_access_to_unprotected_subobjects__ = 1
Nothing is wrong with it per se - but using the SecurityInfo
interfaces (even indirectly through the helper stuff I checked
in to PythonScripts for 2.3.1) is more future-proof, in case
the actual mechanics of protection change one day.
> And, if the above is somehow bad or insecure, how would you use your
> method to allow access to specific methods in a module, as in:
>
> import re
> re.__allow_access_to_unprotected_subobjects__ = {
> 'sub': 1,
> }
You can see a minimal example in the standard.py module in
the PythonScripts package (though there is no helper shortcut
for that method yet - there probably should be).
Brian Lloyd[EMAIL PROTECTED]
Software Engineer 540.371.6909
Digital Creations http://www.digicool.com
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] Import Libraries into Python Script
What's wrong with:
import imaplib
imaplib.__allow_access_to_unprotected_subobjects__ = 1
And, if the above is somehow bad or insecure, how would you use your
method to allow access to specific methods in a module, as in:
import re
re.__allow_access_to_unprotected_subobjects__ = {
'sub': 1,
}
Itai
Brian Lloyd wrote:
>This needs to be documented (and made a little easier), but
>heres a quick primer:
>
>
> o Create a new directory in your 'Products' directory
> (called ModuleAssertions or something like that - the
> name is unimportant).
>
> o Create an '__init__.py' file in the new directory.
>
> o Add module assertions like the example below to __init__.py:
>
># Site-wide module security assertions
>
>from AccessControl.SecurityInfo import ModuleSecurityInfo
>import string
>
>def allow_module(module_name):
> module = __import__(module_name)
> sec_info=ModuleSecurityInfo(module)
> sec_info.setDefaultAccess(1)
> sec_info.apply(module.__dict__)
> for part in string.split(module_name, '.')[1:]:
> module=getattr(module, part)
> sec_info=ModuleSecurityInfo(module)
> sec_info.setDefaultAccess(1)
> sec_info.apply(module.__dict__)
>
>
># Allow access to base64 module
>allow_module('base64')
>
># Allow access to imaplib
>allow_module('imaplib')
>
>
> o Restart Zope
>
>
>
>
>
>Brian Lloyd[EMAIL PROTECTED]
>Software Engineer 540.371.6909
>Digital Creations www.digicool.com
>
>> -Original Message-
>> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
>> Of Chris Withers
>> Sent: Thursday, February 15, 2001 6:49 AM
>> To: [EMAIL PROTECTED]
>> Subject: [Zope-dev] Import Libraries into Python Script
>>
>>
>> Hi,
>>
>> What's the 'approved' way of validating standard python modules
>> so they can be
>> imported in Python Scripts?
>>
>> I want to import imaplib but can't find out how :-(
>>
>> cheers,
>>
> > Chris
--
--
Itai Tavor -- "Je sautille, donc je suis."--
[EMAIL PROTECTED]-- - Kermit the Frog --
-- "What he needs now is understanding... and a confederate victory" --
-- Dr. Jacobi, Twin Peaks --
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] Import Libraries into Python Script
This needs to be documented (and made a little easier), but
heres a quick primer:
o Create a new directory in your 'Products' directory
(called ModuleAssertions or something like that - the
name is unimportant).
o Create an '__init__.py' file in the new directory.
o Add module assertions like the example below to __init__.py:
# Site-wide module security assertions
from AccessControl.SecurityInfo import ModuleSecurityInfo
import string
def allow_module(module_name):
module = __import__(module_name)
sec_info=ModuleSecurityInfo(module)
sec_info.setDefaultAccess(1)
sec_info.apply(module.__dict__)
for part in string.split(module_name, '.')[1:]:
module=getattr(module, part)
sec_info=ModuleSecurityInfo(module)
sec_info.setDefaultAccess(1)
sec_info.apply(module.__dict__)
# Allow access to base64 module
allow_module('base64')
# Allow access to imaplib
allow_module('imaplib')
o Restart Zope
Brian Lloyd[EMAIL PROTECTED]
Software Engineer 540.371.6909
Digital Creations www.digicool.com
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
> Of Chris Withers
> Sent: Thursday, February 15, 2001 6:49 AM
> To: [EMAIL PROTECTED]
> Subject: [Zope-dev] Import Libraries into Python Script
>
>
> Hi,
>
> What's the 'approved' way of validating standard python modules
> so they can be
> imported in Python Scripts?
>
> I want to import imaplib but can't find out how :-(
>
> cheers,
>
> Chris
>
> ___
> Zope-Dev maillist - [EMAIL PROTECTED]
> http://lists.zope.org/mailman/listinfo/zope-dev
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope )
>
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
