--On 26. Januar 2007 10:29:08 -0500 "Mark, Jonathan (Integic)" <[EMAIL PROTECTED]> wrote:
I have an external method which uses eval(). I would like to prevent anyone from calling this method from inside a URL, e.g., myzopesite/myexternalmethod?myvar=deletemyfiles() Rather, I wish for only Zope objects such as Python Scripts to be able to call this external method. Is there any way to turn off the publishing of external methods to the web in Zope?
The standard Zope security also apply to external method. Configure the View permission according to your needs. -aj
pgpW28Te4VEJD.pgp
Description: PGP signature
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )