Chris Withers wrote: > Jim Fulton wrote: >> On Oct 24, 2008, at 10:01 AM, Chris Withers wrote: >> >>> Jim Fulton wrote: >>>> The problem is that it it starts with an environment in which things >>>> are allowed by default, and takes things away. This means that if >>>> anything is forgotten, then you end up with holes. >>> Isn't there a way we could change the AST manipulation such that we >>> start with nothing and only allow opcodes as and when they're added to >>> the RestrictedPython implementation? >> No. we're starting with an existing program written in a Python script >> or expression. We then have to sanitize it. > > Could that sanitization could be a filter that lets nothing through, and > then builds from there?
Yes, and if such a change leads to faster adoption of new Python releases by Zope, then it seems like a worthwhile effort. Instead of a tree mutator, RestrictedPython would use a tree copier with a filter. New Python features would initially not be supported at all, but that's better than accidentally, insecurely, supporting new features. Shane _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )