[Zope3-dev] MessageID as rocks?
Shane Hathaway
shane@zope.com
Wed, 16 Apr 2003 11:42:23 -0400
Barry Warsaw wrote:
> Maybe there's a better way to go about all this. On the one hand, we
> could add a proxy-aware isinstance-like function to tales and use that
> wherever a type test is used. I started to go down that path until it
> got too ugly. OTOH, maybe MessageIDs really should be rocks. The
> question then is whether a MessageID could be exploited for some
> nefarious purpose or whether it is secure.
My understanding is that untrusted code can get and set attributes of
rocks. I think that means untrusted code would be able to:
- messageid.domain = '1 0WN3D JU'
- messageid.__class__.foo = lambda *args: '1 ST177 0WN JU'
In Zope 3, untrusted code is not compiled in a special way as it is in
Zope 2. So Zope 3 requires wrappers for nearly everything.
Shane
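
Added example, not part of the original message and not Zope code: the two assignments listed above applied to an unwrapped object, next to the same attempts against a wrapper that only permits reads of allow-listed names. MessageID here is a constructed stand-in, and ReadOnlyProxy and ForbiddenAttribute are hypothetical names modelling only the allow/deny decision, not Zope's proxy implementation.

```python
class MessageID(str):
    """Constructed stand-in: a string that also carries a translation domain."""
    def __new__(cls, text, domain="default"):
        self = super().__new__(cls, text)
        self.domain = domain
        return self

class ForbiddenAttribute(AttributeError):
    """Hypothetical error raised when the wrapper refuses an access."""

class ReadOnlyProxy:
    """Hypothetical wrapper: reads of allow-listed names only, no writes."""
    __slots__ = ("_obj", "_allowed")
    def __init__(self, obj, allowed):
        object.__setattr__(self, "_obj", obj)
        object.__setattr__(self, "_allowed", frozenset(allowed))
    def __getattribute__(self, name):
        # Every read, including __class__, goes through the allow-list.
        if name not in object.__getattribute__(self, "_allowed"):
            raise ForbiddenAttribute(name)
        return getattr(object.__getattribute__(self, "_obj"), name)
    def __setattr__(self, name, value):
        raise ForbiddenAttribute(name)
    def __delattr__(self, name):
        raise ForbiddenAttribute(name)

def tamper_with_rock():
    """Unwrapped object: both assignments succeed; the second hits every instance."""
    msg, other = MessageID("greeting", "myapp"), MessageID("farewell", "myapp")
    msg.domain = "changed"
    msg.__class__.foo = lambda *args: "injected"
    result = (msg.domain, other.foo())
    del MessageID.foo  # restore the class so the demo leaves no residue
    return result

def tamper_with_proxy():
    """Wrapped object: the same two attempts are refused, the read still works."""
    proxied = ReadOnlyProxy(MessageID("greeting", "myapp"), allowed={"domain"})
    blocked = []
    for attempt in (lambda: setattr(proxied, "domain", "changed"),
                    lambda: proxied.__class__):
        try:
            attempt()
        except ForbiddenAttribute as exc:
            blocked.append(str(exc))
    return proxied.domain, blocked

if __name__ == "__main__":
    print(tamper_with_rock())
    print(tamper_with_proxy())
```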