security & restricted python (was Re: [Zope] New to Zope)

Jamie Heilman jamie at audible.transient.net
Wed Nov 12 20:32:37 EST 2003


J. Cameron Cooper wrote:
> 
> >I'm comfortable working with Python, but the jump to Zope seems to 
> >have left me twiddling my thumbs. Simple things, like why I can't use 
> >certain modules in "Script (Python)"s,
> 
> Security. If you can import any old module, a low-priveledged user could 
> break your site up and down thorugh the web, starting with eating all 
> your resources and getting worse from there.

... of course they still can even with restricted python's protections
in place, they just have to be marginally more creative.  Know that,
given the ability to author restricted python a user can easily
cripple a Zope installation or run the zope process into its process
resource limits.  Design with that in mind.

The theory of restricted python is, afaik, sound.  The problem is that
it is only effective in when used within a system thats built with its
(r. python's) constraints in mind.  Unfortunately, Zope doesn't
entirely fall into that category.
 
-- 
Jamie Heilman                     http://audible.transient.net/~jamie/
"You came all this way, without saying squat, and now you're trying
 to tell me a '56 Chevy can beat a '47 Buick in a dead quarter mile?
 I liked you better when you weren't saying squat kid." -Buddy



More information about the Zope mailing list