[Zope-dev] Introspection, managing External Methods?

Robin Becker robin@jessikat.demon.co.uk
Mon, 19 Jul 1999 11:38:02 +0100


In article <3792F7B0.9245ECCC@pop.vet.uu.nl>, Martijn Faassen
<faassen@vet.uu.nl> writes
>Robin Becker wrote:
>> 
>> Are there any plans to upgrade the External Methods product to allow
>> remote management ie creation/deletion/modification of the file texts? I
>> ask because a major advantage of Zope is the ability to manage at a
>> distance and this is not possible for External Methods. I can see easy
>> fudges using a hack of fsimport, but something based on the existing
>> external methods would be better.
>
>The scary thing is that External Methods can do anything with the Zope
>database (or even other parts of your computer). So someone could
>accidentally or maliciously write an External Method that does something
>bad.
>
>There has been some talk about creating a scripting object that could
>contain Python code instead. This Python would then have to use the Zope
>built-in
>security mechanisms to ensure it can't do anything evil. This would be a
>rather
>marvellous thing to have, in my opinion.
this would be like java's sandbox approach or safe-tcl
>
>> More generally how can one upgrade a Zope product remotely; assuming
>> this were possible it would be nice to be able to remotely shut down
>> Zope and get it to restart.
>
>With ZClasses, as long as no External Methods are used in them, the
>first can be done. On auto restarting Zope, I thought that at least on
>some platforms Zope could be shut down from a distance. A restart will
>then happen automatically. At least, I think it works like this under
>Unix.
>
>Regards,
>
>Martijn
>
>_______________________________________________
>Zope-Dev maillist  -  Zope-Dev@zope.org
>http://www.zope.org/mailman/listinfo/zope-dev
>
>(For non-developer, user-level issues, use the companion list,
>zope@zope.org, http://www.zope.org/mailman/listinfo/zope )

-- 
Robin Becker