in>, Michel Pelletier <[EMAIL PROTECTED]> writes
>On Sat, 27 Jan 2001, Robin Becker wrote:
>> seems to be taking an awful lot of my machine's resources
>The saftey restraints in through the web code try to catch only the most
>naive programmer errors (like obvious infinite loops ie "while 1:"), *not*
>DOS attacks.  If you are worried about that, do not give untrusted users
>the ability to write scripts or methods.  DTML and Perl are just as
>susceptible to this problem.  For example, all executable code is limited
>to a finite number of iterations, but this is trivial to defeat:
><dtml-in "_.range(10000)">
>  <dtml-in "_.range(10000)">
>    <dtml-in "_.range(10000)">
>      ...
>you get the idea.  Only allow trusted users to create executable content.
>If you feel the restraints placed on you by through the web scripts to be
>too much, use an external method.
I feel that allowing any scripting to be public will inevitably invite
such attacks. So what you are implying is that even trusted users can
make mistakes as allowing non trusted users to do scripting shouldn't be
done. When the trusted user has got his script working properly can he
then remove the restraints? What happens when I really want to make very
large xranges etc or use those rather useful things which are presently

Yes, I can use External Methods if I have access to the machine, but
those 'trusted' scripts could be just as easily handled by a 'Trusted
Python Scripts' Zope object which didn't have all the rather (as you say
yourself) pointless safety checks. Then I could handle the safety issue
in Zope and not in the base OS. There would be many advantages in having
allowing 'unsafe' scripting inside the Zope domain. 
Robin Becker

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to