[Zope] Python Classes and Zope.

[Chris McDonough]

On Dec 2, 2005, at 9:49 AM, Paul Winkler wrote:
> You know, some days I wonder why it is that Zope is the
> only framework around that needs to distinguish between
> "trusted" and "untrusted" code. Nobody else seems to be
> looking at us with envy in this regard.
> Historically I know it was because there was the idea that
> not-fully-trustworthy people might be able to join your site
> and then add DTML to it, and you don't want such people
> allowed to execute arbitrary code ... like the old zope.org
> site.  But does anybody anywhere actually run a site like that
> nowadays? It's kind of a bizarre idea.

Not really, and that's why Zope 3 has avoided "through the web" code  
so far.  I hope this avoidance continues at least in "the core",  
whatever that is, but I see rumblings every so often about why this  
is a can't-live-without thing (with which I strongly disagree).

- C