I am looking at a situation (an online self registry process) where I want to allow a user that is not logged in to be able to create a user and do a number of other functions normally reserved for and restricted to logged in users with a fairly elevated rights. I need to perform these functions from a Python script.
What is the best strategy for doing this? I am thinking that creating a separate python script that has elevated rights and allowing Anonymous access to it and calling it from a script that does not have elevated rights is the best strategy to manage it. Am I creating a huge security hole by doing this? _______________________________________________ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
