[Zope] New restricted python - How to use in my Product?

Christian Theune ct@gocept.com
Tue, 31 Jul 2001 09:23:36 +0200


--MGYHOYXEY6WxJCY8
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hmm. I take a look and am a bit confused.
With the old python (rexec) i had the possibility
to have something evaluated fairly(?) secure within
3 lines. Now I shall create a THAT big class and
environment to have a simple evaluation?
Well, I don't need Zope restrictions nor enhancements.
And I don't need to be in a Zope namespace.
I just need to evaluate single, simple python statements
like:
None
[1,2,3,4]
1
'asdf'

Is there an easier way? Just using eval() is supposed to
be unsecure.

Thanks

Christian

On Mon, Jul 30, 2001 at 09:44:45AM -0400, Evan Simpson wrote:
> Christian Theune wrote:
>=20
> > With Zope 2.4.0 there is the new RestrictedPython module
> > with this "expression" thing, but I can't find any
> > useful documentation on how to use that.
>=20
>=20
> Check out the PythonExpr class in ZRPythonExpr.py of PageTemplates.  It=
=20
> shows how to compile and evaluate an expression with Zope restrictions.
>=20
> Cheers,
>=20
> Evan @ 4-am & Zope
>=20
>=20
>=20

--=20
Christian Theune - ct@gocept.com
gocept gmbh & co.kg - schalaunische strasse 6 - 06366 koethen/anhalt
tel.+49 3496 3099112 - fax.+49 3496 3099118 mob. - 0178 48 33 981

reduce(lambda x,y:x+y,[chr(ord(x)^42) for x in 'zS^BED\nX_FOY\x0b'])

--MGYHOYXEY6WxJCY8
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Weitere Infos: siehe http://www.gnupg.org

iD8DBQE7Zlz4dUt9X/gknwIRAgNoAJ9GDDAbzHSdFtNef5T1IPCZekDDfQCgx+TW
PO1pNzYy5ulLczQQukdzS10=
=lZk8
-----END PGP SIGNATURE-----

--MGYHOYXEY6WxJCY8--