----- Original Message ----- From: "Eric Bréhault" <[EMAIL PROTECTED]>
To: <zope@zope.org>
Sent: Thursday, March 15, 2007 4:19 PM
Subject: Re: [Zope] build a safe proxy

No :-)
I just want to run untrusted Python code using exec and I need this code to
be allowed to access few methods on few Plone portal tools, but nothing
For instance:
would be accepted but:
would be forbidden.

I tried to use zope.security.untrustedpython and also I had a look in
zope.tales.expressions to understand how it works but I didn't succeed in
understanding how I can define what is authorized and what is forbidden.
Apparently it must be done using NamesChecker but I haven't found
documentation about it (I tried to copy/paste the unit tests but

What would you recommend ? What is the 'official' way to run an untrusted
python code with exec and control what this code can do or not ?

How about an external method?


Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to