Philipp von Weitershausen wrote:
Indeed, but how do you prevent importing and insecure builtins like
"open" without RestrictedPython?
Well, they can only use the builtins you give them, right?
Hmm, not sure what you mean by this? How do you choose what builtins to
'import' statement can be influenced with import hooks, AFAIK.
ut surely your untrusted python script could then just go and undo those
knwo this for sure, though, so maybe you do need RestrictedPython after
I have a feeling I do, but I'd like to check ;-)
Simplistix - Content Management, Zope & Python Consulting
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -