[Zope-dev] SVN: Zope/trunk/ OFS.ObjectManager now fully implements the zope.container.IContainer interface

Hanno Schlichting hannosch at hannosch.eu
Mon Feb 23 11:58:59 EST 2009


Tres Seaver wrote:
> Using __setitem__ and __delitem__ has security implicatinos for
> untrusted code:   how are you addressing them?

Maybe I'm missing some knowledge about the security machinery then. I
thought the methods wouldn't be available to untrusted code at all, as
they start with an underscore. You simply won't be able to write
om['id'] in untrusted code and still need to use the existing API.

Hanno



More information about the Zope-Dev mailing list