Tres Seaver wrote:
> Ugh. -1 to any attempt to use "space suits" in Z2. I would rather move
> to a model which made it easy to mark some / all TTW objects as
> "trusted", disabling security checks altogether: the "untrusted users
> can edit TTW code" use case is pretty much irrelevant for any site I
> have worked on, with the exception of "old Zope.org", in ten years of
> working with Zope.
Well yeah, but there's two cases which I bump into a lot:
- semi-trusted and clued users editting ttw
- paranoia over damage to anything other than the ZODB in the case of a
TTW site having its auth compromised. (eg: someone writing their
password on a post-it note)
For both of these, RestrictedPython working as advertising would be a
"good thing"...
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Zope-Dev maillist - Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
