Re: Voodoo with ModuleSecurityInfo, was Re: [Zope] importing encode_base64
Paul Winkler wrote at 2005-6-9 15:42 -0400:
...
ModuleSecurityInfo('Products.FooProduct').declarePublic(
'blah', 'foo')
This allows something like:
from Products.FooProduct import foo
But, in fact, you use
from Products.FooProduct import Utils
... Utils.foo ...
Strange, that it worked at all...
Yeah, I think I just happened to hit on some undocumented
behavior that *mostly* works.
Maybe, you should file a bug report:
Undocumented security related features might be viewed
as security holes...
Especially, if something unexpectedly becomes possible...
However, I think, this one in not overly critical.
--
Dieter
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
Re: Voodoo with ModuleSecurityInfo, was Re: [Zope] importing encode_base64
Paul Winkler wrote at 2005-6-8 20:48 -0400:
...
from Products.FooProduct import Utils
return Utils.foo(context)
And in Products/FooProduct/__init__.py, I had this:
ModuleSecurityInfo('Products.FooProduct').declarePublic(
'blah', 'foo')
This allows something like:
from Products.FooProduct import foo
But, in fact, you use
from Products.FooProduct import Utils
... Utils.foo ...
Strange, that it worked at all...
--
Dieter
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
