i don't want him to be able to directly access (read/write) the database i am using. *AFAIK*, ZSQLMethods won't do for this.

Then put constraints in on your database, or make the whole connection read-only.

I want to have full access rights on the database through the external methods.

Usually you dont want that. Sane security constrains on database save
you a lot mistakes if done right. You can also use views and stored
functions to further tighten your security.

Bad done external methods are more likely to open security holes.

You're really buying nothing with all this other than wasting a lot of your time...

I really hope i don't! :-) As Dieter said, my application is not a conventional Zope application.

What is it instead? :)

I could say that, for this project, i am using Zope:
- as a much safer alternative to CGI

but not if compromized :)

- for its templating machinery
- because it is built on Python and the project is based on Python
- i like Zope :-)

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to