Philipp von Weitershausen wrote:
Yes, it's a low-level compiler for Python code that replaces certain operations such as getattr with respective guards. You'll have to provide such guards, though. "Script (Python)" is based on Shared.DC.Scripts which implements such guards that do checks based on AccessControl.


It looks like zope.security.untrustedpython integrates RestrictedPython with zope.security.

Ahhhh, I see now...

So, I'm guessing RestrictedPython is the one to aim for?

No idea what you need...

http://mail.python.org/pipermail/python-list/2007-November/466438.html

Out of interest, if all non-standard objects (ie: content) are wrapped in security proxies, do getattr and setattr still need to be overridden?

cheers,

Chris

--
Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk
_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to