[Zope] External / Internal Methods

Christopher G. Petrilli petrilli@amber.org
Mon, 1 Mar 1999 09:50:12 -0500


On Mon, Mar 01, 1999 at 10:16:18AM -0000, julian@zereau.net wrote:
> 
> On 26-Feb-99 Michael Bernstein wrote:
> > "Christopher G. Petrilli" wrote:
> >> 
> >> I vaguely recall this being discussed in the past, but I can't find it
> >> in my archives...
> >> 
> >> Has anyone tried to make a comparable thing to an "External Method" but
> >> that is contained in the database itself?
> > 
> > I believe that this was rejected by DC because of security issues.
> > Letting people store and run Python code directly in the database is
> > essentially the same as giving someone complete access to the system.
> 
> Does python have anything equivalent to Perl's taint mode? Because if it does
> then this could be used. That and restricting allowable APIs from internal
> methods - again, if this is possible.
> 

I don't want to get into a language war, but as someone who lives and
breathes security, taint mode is a joke.  Python's rexec module would be
great (as would Bastion), but this is going to require a much higher
level of ZopeZen to implement than I currently have.  Yes, I know my
proposal was fraught with huge security problems, but regardless it is
valuable to some people in the near term (such as those of us on the
Starship).

BTW, requiring write access to the file system is only trivially more
secure.

Chris
-- 
| Christopher Petrilli                      ``Television is bubble-gum for
| petrilli@amber.org                          the mind.''-Frank Lloyd Wright
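The exchange above turns on whether "restricting allowable APIs" is enough to let Python stored in the ZODB run safely, or whether something rexec/Bastion-shaped is needed. The following is an added example written for this page, not code from the thread or from Zope: run_internal_method() is the builtins-whitelist approach in its simplest form, and ESCAPE is a constructed method body that reaches the real os module from inside it using nothing but attribute access, subscripting and control flow, none of which a builtins whitelist governs. SAFE_BUILTINS, the method bodies and the function names are assumptions made for the demonstration. (rexec and Bastion themselves were later disabled in Python 2.3 and removed from Python 3; the attribute-walk shown here is the kind of path they tried, and failed, to close.)

```python
"""Restricted execution of Python stored in the database.

Added example for this thread, not Zope's code.  run_internal_method() is
the "restrict the allowable APIs" idea from the reply: exec() with a
whitelist of builtins.  escape_report() shows why that is not a security
boundary: plain attribute access walks from a tuple literal back to the
real builtins and from there to any module.
"""
import os

# Names an "internal method" is allowed to use (assumption: a small whitelist).
SAFE_BUILTINS = {
    "len": len, "range": range, "sum": sum, "min": min, "max": max,
    "str": str, "int": int, "list": list, "dict": dict,
}


def run_internal_method(source, **params):
    """Run untrusted source with only SAFE_BUILTINS visible.

    Returns the names the source assigned, so a caller can collect results.
    """
    env = {"__builtins__": dict(SAFE_BUILTINS), **params}
    exec(compile(source, "<internal method>", "exec"), env)
    return {k: v for k, v in env.items()
            if k != "__builtins__" and k not in params}


def run_or_error(source, **params):
    """Return ("ok", namespace) or ("error", exception class name)."""
    try:
        return "ok", run_internal_method(source, **params)
    except Exception as exc:
        return "error", type(exc).__name__


# Constructed method bodies for the demonstration (not real Zope methods).
BENIGN = "total = sum(x for x in range(n))"
BLOCKED = "f = open('/etc/hostname')"        # open is not whitelisted

# No whitelisted name is used here.  Every loaded Python-defined class has
# an __init__ whose __globals__ is its module dict, and every module dict
# carries the interpreter's real builtins under __builtins__.
ESCAPE = '''
imp = None
for cls in ().__class__.__base__.__subclasses__():
    try:
        real = cls.__init__.__globals__["__builtins__"]   # a module's real builtins
        try:
            imp = real["__import__"]     # builtins kept as a dict
        except:
            imp = real.__import__        # builtins kept as a module
        break
    except:
        continue                          # C-implemented class: no __globals__
recovered = imp("os").getcwd()
'''


def escape_report():
    """True if ESCAPE reached the real os module from inside the sandbox."""
    status, out = run_or_error(ESCAPE)
    return status == "ok" and out.get("recovered") == os.getcwd()


if __name__ == "__main__":
    print(run_or_error(BENIGN, n=5))     # ('ok', {'total': 10})
    print(run_or_error(BLOCKED))         # ('error', 'NameError')
    print("sandbox escaped:", escape_report())
```

The point for the thread: the whitelist does what it promises for names (open is a NameError), and that promise is irrelevant, because the interpreter's object graph is reachable without any name at all. A real restriction layer has to mediate attribute access itself, which is what made rexec/Bastion a much larger job than trimming the builtins.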