On 3/16/07, Eric Bréhault <[EMAIL PROTECTED]> wrote:
My understanding of PythonScripts is it is a way to allow the import of such or such module, and the use of such or such method in those modules, but it doesn't prevent the access to such or such attributes on existing objects, does it ?
It uses the Zope security machinery to determine what access the code has. So the code in a script cannot access any attributes that the user running the code has access to through the web in the first place. -- Martijn Pieters
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )