Andreas Jung wrote at 2006-7-8 14:12 +0200:
> ...  removing TTW reST ...

[Andreas]

>In addition I don't see a big problem for Zope-only(!) apps.

Of course, you must also consider applications built on top
of Zope -- such as "ZWiki" and "Plone". They, too, need to be
protected.

[Jim] ... retain only when someone takes responsibility ...
>> Otherwise it has to go.

[Andreas]

>No :-)

This, time I am on your side, Andreas :-)

I agree with you that a feature ("file/url" inclusion code)
physically removed from the shipped code can be considered no longer
causing security risks -- even without extensive tests.

I also agree with you, that this is preferable to dropping "reST"
altogether (despite the fact, that I personnally do not use it).


Of course, an artistically set Python path could cause Python's docutils
to be used -- but hey, that's then a locally caused problem.



-- 
Dieter
_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to