[Checkins] [zopefoundation/RestrictedPython] 2aa90e: Safer getattr (#143)

Mon Oct 29 23:07:04 CET 2018

  Branch: refs/heads/master
  Home:   https://github.com/zopefoundation/RestrictedPython
  Commit: 2aa90e989f0048d2e4c266d92cfc12be74120726
      https://github.com/zopefoundation/RestrictedPython/commit/2aa90e989f0048d2e4c266d92cfc12be74120726
  Author: Alexander Loechel <loechel at users.noreply.github.com>
  Date:   2018-10-29 (Mon, 29 Oct 2018)

  Changed paths:
    M .gitignore
    M README.rst
    M docs/CHANGES.rst
    M docs/RestrictedPython4/index.rst
    M docs/idea.rst
    M docs/index.rst
    M docs/old_README.rst
    M docs/upgrade/index.rst
    M docs/upgrade_dependencies/index.rst
    M docs/usage/api.rst
    M docs/usage/basic_usage.rst
    M docs/usage/policy.rst
    M src/RestrictedPython/Guards.py
    M src/RestrictedPython/__init__.py
    M tests/test_Guards.py
    M tests/test_compile_restricted_function.py
    M tests/test_iterating_over_dict_items.py

  Log Message:
  -----------
  Safer getattr (#143)

* idea for fixing bug #142

* add tests and fix problems

* Fix README:

The wrong usage of `safe_builtins` allows access to the Python built-in
`getattr` allowing all sorts of access.

* Fix wrong usage of `safe_builtins` in tests.

* Do not provide a default `getattr` implementation.

And simplify and correct the test.

* Use and document `safe_globals`.

* Document `safer_getattr`.

* Add change log entry.

[skip ci]

* more documentation changes

* more documentation fixes

      **NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/

      Functionality will be removed from GitHub.com on January 31st, 2019.