[Zope] DTML, Zope and Regex
Wed, 10 Jul 2002 14:29:53 -0400
On Wed, Jul 10, 2002 at 01:32:39PM -0400, Jorge O. Martinez wrote:
> I think I am beginning to understand the scope of the decision to exclude
> regex support: more security for the future Zope ISP's vs less convenience
> for the future Zope developers; however, don't you all think that potential
> Zope developers may be discouraged when they know they have to contact
> their ISP to install an external method or product
If you have to contact your ISP to install an external method or
product, I suggest looking for another ISP.
> Wouldn't it be better to somehow limit how much 'damage' developers can do
> in their own work area (via the Monster module, or zoped.ini for example),
> and give them enough rope to hang themselves, but not to crash the system.
> Don't know if that is possible, just an idea.
It's a nice idea. I don't know if it's possible either...
or how much work it would take. Compared to "let's disable re in python
scripts", it will surely be an enormous amount of work... so I don't
expect we'll see this anytime soon. Feel free to prove me wrong. :)
"Muppet Labs, where the future is made - today!"