Philipp von Weitershausen wrote:
Yes, it's a low-level compiler for Python code that replaces certain
operations such as getattr with respective guards. You'll have to
provide such guards, though. "Script (Python)" is based on
Shared.DC.Scripts which implements such guards that do checks based on
AccessControl.
It looks like zope.security.untrustedpython integrates RestrictedPython
with zope.security.
Ahhhh, I see now...
So, I'm guessing RestrictedPython is the one to aim for?
No idea what you need...
http://mail.python.org/pipermail/python-list/2007-November/466438.html
Out of interest, if all non-standard objects (ie: content) are wrapped
in security proxies, do getattr and setattr still need to be overridden?
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Zope-Dev maillist - Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
