[Zope] build a safe proxy
Martijn Pieters
mj at zopatista.com
Fri Mar 16 12:07:36 EDT 2007
On 3/16/07, Eric Bréhault <ebrehault at gmail.com> wrote:
> My understanding of PythonScripts is it is a way to allow the import of such
> or such module, and the use of such or such method in those modules, but it
> doesn't prevent the access to such or such attributes on existing objects,
> does it ?
It uses the Zope security machinery to determine what access the code
has. So the code in a script cannot access any attributes that the
user running the code has access to through the web in the first
place.
--
Martijn Pieters
More information about the Zope
mailing list