Jonathan wrote:
Andreas wrote:

My 2 cents: PythonScripts are restricted and are *not* thought to be a full
replacement for Python modules. If you need this functionaltiy consider
writing a Zope Product, using external methods or using TrustedExecutables.

If python scripts are restricted from accessing zExceptions (for security reasons???) then why allow python scripts to trap zExceptions in bare try/excepts? If the logic for not allowing zExceptions in plain vanilla python scripts is for security reasons, then allowing bare try/excepts would seem to be a security hole (though, I don't see the rationale for this).

I would imagine that not allowing these exceptions to be imported in trusted code is simply an oversight. The mechanism involved is not a "you may not import this" type of thing, but rather a "you may import this" statement. It is easy to miss safe but rarely used pieces.

If you have a list of exceptions you would like to have available, go and file a bug report. A patch would be even better.

"Building Websites with Plone"

Enfold Systems, LLC
Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to