[Zope-dev] Re: RestrtrictedPython vs zope.security.untrustedpython

Philipp von Weitershausen philipp at weitershausen.de
Mon Nov 19 18:21:27 EST 2007


On 20 Nov 2007, at 00:15 , Chris Withers wrote:
> Philipp von Weitershausen wrote:
>> On 19 Nov 2007, at 20:26 , Chris Withers wrote:
>>>>> So, I'm guessing RestrictedPython is the one to aim for?
>>>> No idea what you need...
>>>
>>> http://mail.python.org/pipermail/python-list/2007-November/466438.html
>> It seems like zope.security does exactly what you need (e.g. user  
>> code shouldn't have to import anything as long as you pass proxied  
>> objects).
>
> Indeed, but how do you prevent importing and insecure builtins like  
> "open" without RestrictedPython?

Well, they can only use the builtins you give them, right? And the  
'import' statement can be influenced with import hooks, AFAIK. I don't  
knwo this for sure, though, so maybe you do need RestrictedPython  
after all.



More information about the Zope-Dev mailing list