[Checkins] SVN: zope2docs/trunk/zope2book/ Change some of the wording, to make it clearer that restricted scripts don't protect you from malicious users.

Hanno Schlichting hannosch at hannosch.eu
Thu Oct 28 08:58:41 EDT 2010


Log message for revision 118002:
  Change some of the wording, to make it clearer that restricted scripts don't protect you from malicious users.
  

Changed:
  U   zope2docs/trunk/zope2book/BasicObject.rst
  U   zope2docs/trunk/zope2book/ScriptingZope.rst

-=-
Modified: zope2docs/trunk/zope2book/BasicObject.rst
===================================================================
--- zope2docs/trunk/zope2book/BasicObject.rst	2010-10-28 12:57:38 UTC (rev 118001)
+++ zope2docs/trunk/zope2book/BasicObject.rst	2010-10-28 12:58:41 UTC (rev 118002)
@@ -380,8 +380,10 @@
 restricted Python modules, and that they cannot directly access files on
 your file system.  This is a security feature, as it allows site
 administrators to safely delegate the ability to create logic in Python to
-untrusted or "semi-trusted" users.  For more information about Zope's
-security features, see `Users and Security <Security.html>`_.
+less knowledgeable users. The security restrictions aren't stringent enough
+to prevent malicious users from damaging the system. They are only meant as
+a safety belt beginners. For more information about Zope's security features,
+see `Users and Security <Security.html>`_.
 
 Creating a Script (Python)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~
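Review bot: The added sentence "They are only meant as a safety belt beginners." is missing a word and should read "a safety belt for beginners". In the same paragraph, "less knowledgeable users" leaves open who may be given the ability to create scripts. Since the new text states that the restrictions do not stop malicious users, consider saying outright that this ability should only be delegated to users you trust.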

Modified: zope2docs/trunk/zope2book/ScriptingZope.rst
===================================================================
--- zope2docs/trunk/zope2book/ScriptingZope.rst	2010-10-28 12:57:38 UTC (rev 118001)
+++ zope2docs/trunk/zope2book/ScriptingZope.rst	2010-10-28 12:58:41 UTC (rev 118002)
@@ -1106,13 +1106,13 @@
 Security Restrictions of Script (Python)
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Scripts are restricted in order to limit their ability
-to do harm. What could be harmful? In general, scripts
-keep you from accessing private Zope objects, making harmful
-changes to Zope objects, hurting the Zope process itself, and
-accessing the server Zope is running on. These restrictions
-are implemented through a collection of limits on what your
-scripts can do.
+Scripts are restricted in order to limit their ability to do harm. What
+could be harmful? In general, scripts keep you from accessing private Zope
+objects, making unauthorized changes to Zope objects and accessing the server
+Zope is running on. These restrictions are implemented through a collection of
+limits on what your scripts can do. The limits are not effective enough to
+prevent malicious users from harming the Zope process on purpose. They only
+provide a safety belt against accidental bad code.
 
 Loop limits
   Scripts cannot create infinite loops. If your script
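Review bot: The new closing sentences only disclaim protection of "the Zope process", while the sentence before them still says scripts are kept from accessing private Zope objects, making unauthorized changes and accessing the server. A reader cannot tell whether those three hold against a malicious user. Either extend the caveat to all of them or state which ones are enforced as a real security boundary. Separately, "scripts keep you from" should be "the restrictions keep you from", since it is the restrictions that do the limiting, not the scripts.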
@@ -1121,6 +1121,9 @@
   loops. The reason for this restriction is to limit your ability to
   hang Zope by creating an infinite loop.
 
+  This limit does not protect you from creating other sorts of infinite
+  recursions and it's still possible to hang the Zope process.
+
 Import limits
   Scripts cannot import arbitrary
   packages and modules. You are limited to importing the
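Review bot: "other sorts of infinite recursions" in the paragraph added under Loop limits treats a loop as a kind of recursion and leaves the consequence vague. Suggested wording: "This limit does not cover other forms of unbounded execution, such as infinite recursion, so a script can still hang the Zope process." It would also help to tie this back to the section introduction, which now says the limits are only a safety belt against accidental bad code.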
@@ -1129,8 +1132,7 @@
   (*string*, *random*, *math*, *sequence*), and modules
   which have been specifically made available to scripts
   by product authors.  See `Appendix B: API Reference`_
-  for more information on these
-  modules.
+  for more information on these modules.
 
 Access limits
   You are restricted by standard Zope


