On 3/16/07, Eric Bréhault <[EMAIL PROTECTED]> wrote:
My understanding of PythonScripts is it is a way to allow the import of such
or such module, and the use of such or such method in those modules, but it
doesn't prevent the access to such or such attributes on existing objects,
does it ?


It uses the Zope security machinery to determine what access the code
has. So the code in a script cannot access any attributes that the
user running the code has access to through the web in the first
place.

--
Martijn Pieters
_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to