Martijn Faassen wrote:
> Stephan Richter wrote:
>> On Friday 10 April 2009, Jim Fulton wrote:
>>>> Unfortunately these are ZC's use cases.
>>> They are not just ZC's use cases.
>> Keas is relying on that safety heavily too. Anyone who wants to build a
>> DSL based on Python really wants zope.security.
> Okay, second case of such usage noticed.
> One thing that worries me is that PyPy folks keep saying it probably
> isn't really secure, though they refuse to specify why not when Chris
> Withers tried to find out last year at EuroPython.
I suspect that's because Python allows anything by default;
zope.security and RestrictedPython only provide a way to close known
similar, though, and that seems to be good enough for most people.
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -