Lennart Regebro wrote:
> On Thu, Jan 22, 2009 at 10:38, Chris Withers <ch...@simplistix.co.uk> wrote:
>>> Note that Jim never explained to me how he does these audits, but I gathered
>>> some methods he used in conversations. I think I did a pretty thorough job
>>> during the review.
>> Yeah, this disturbs me a lot still though :-S
>
> I know the feeling. :) I completely trust that Stephan did a good job
> if he thinks he did, but I would be happy if we could gather a bunch
> of smart people to spread the knowledge. Maybe a security review
> sprint at PyCon, or somesuch? I'd like to hang in a corner and suck up
> the smartness. :)

The problem is that all the PyPy people smart enough to help just go "that's a bad idea, go away", and it seems only Jim is really confident enough to say how things should be with RestrictedPython in its current form...

cheers,

Chris

--
Simplistix - Content Management, Zope & Python Consulting
           - http://www.simplistix.co.uk