[ZDP] BackTalk to Document The Zope Book (2.5 Edition)/Advanced Zope Scripting
Fri, 27 Sep 2002 15:46:39 -0400
A comment to the paragraph below was recently added via http://www.zope.org/Documentation/Books/ZopeBook/current/ScriptingZope.stx#3-96
Despite these limits, a determined user could use large amounts
of CPU time and memory using Python-based Scripts. So malicious
scripts could constitute a kind of denial of service attack by
using lots of resources. These are difficult problems to solve
and DTML suffers from the same potential for abuse. As with
DTML, you probably shouldn't grant access to scripts to
% Anonymous User - July 26, 2002 7:46 am:
When I tried to define a class with a
in it, Zope told me, variables should not start with letter '_' .
I think this must be some kind of security restriction that is worth mentioning, because the '__init__'
function is something very common.
% Anonymous User - Sep. 27, 2002 3:46 pm:
What can i really do in a script? AFAIK
Write one single function, ie. the script is the body of ONE function.
No modules or classes in script bodys, hence no names starting w "_".
Please exülain. blf