[Zope-dev] RestrictedPython implementation in zope2.

[Stephan Richter]

On Thursday 10 July 2008, Martijn Faassen wrote:
> Hopefully we can distribute some hints and tips on this amongst us.

I agree. The most important task is to figure out the changes that have been 
made to the AST. Verifying whether those changes affect RestrictedPython is 
the easier part, since we mainly have to look for attribute and item access 
(as far as I can tell from the RestrictedPython source code.

So does anyone know how we can find out about those changes?

> Being a summer of code student, the student is in there also for the
> learning exercise after all, so perhaps this is an opportunity to
> learn a little about the AST. That said, if Ranjith gets stuck we
> would understand just fine, and just a report by Ranjith on the status
> of his researches for be valuable for whoever comes and tries to fix
> it after him (as this does need to get fixed in some way).

I agree. I overreacted. So what we need is:

* A list of all changes.

* Verify that those changes do not cause a different combination of looking up 
an attribute or item.

* If they do, create a test showing the unsafe lookup and update the code.

Regards,
Stephan
-- 
Stephan Richter
Web Software Design, Development and Training
Google me. "Zope Stephan Richter"