[Zope] build a safe proxy

Jonathan dev101 at magma.ca
Thu Mar 15 16:23:07 EDT 2007


>----- Original Message ----- 
>From: "Eric Bréhault" <ebrehault at gmail.com>
>To: <zope at zope.org>
>Sent: Thursday, March 15, 2007 4:19 PM
>Subject: Re: [Zope] build a safe proxy
>

>No :-)
>I just want to run untrusted Python code using exec and I need this code to
>be allowed to access few methods on few Plone portal tools, but nothing
>else.
>For instance:
>portal_membership.getMemberById(id).getProperty('email')
>would be accepted but:
>portal_membership.addMember()
>would be forbidden.
>
>I tried to use zope.security.untrustedpython and also I had a look in
>zope.tales.expressions to understand how it works but I didn't succeed in
>understanding how I can define what is authorized and what is forbidden.
>Apparently it must be done using NamesChecker but I haven't found
>documentation about it (I tried to copy/paste the unit tests but
>unsuccessfully...).
>
>What would you recommend ? What is the 'official' way to run an untrusted
>python code with exec and control what this code can do or not ?

How about an external method?


Jonathan



More information about the Zope mailing list