[mod_python] modpublisher security model

Gregory (Grisha) Trubetskoy grisha at modpython.org
Wed Jan 31 23:29:44 EST 2001

I have in CVS some fixes that do not allow the publisher handler to
traverse modules. Right now if your script imports os, then one can get to
os and functions within it via a url, which is really bad. (ZPublisher
doesn't traverse modules either.)

Assuming that module traversing issue is fixed - you make a function
"published" by simply having it in the module. If you do not want it to be
published, you can set it's name to begin with an underscore or place it
into another module.

I did this because the ZPublisher comment thing always annoyed me. It's
really misleading - I like to use comments for what they are - comments,
and if a function doesn't need a comment, I prefer to have the option of
having no comment rather than """ this comment is for ZPublisher """ or
something silly like that.


On Thu, 1 Feb 2001, Brett Haydon wrote:

> Evidently Zope currently uses the doc string to 
> explicity allow access to functions via URL.
> The new Python 2.1 will allow functions to have
> attributes.
> I am currently renaming all imported modules with
> an underscore to avoid unintentional security problems
> (and global objects)
> but I like the idea of explicitly allowing access.
> Any plans to move in this direction.
> regards,
> ______________________________________________
> Brett Haydon
> _______________________________________________
> Mod_python mailing list
> Mod_python at modpython.org
> http://www.modpython.org/mailman/listinfo/mod_python

More information about the Mod_python mailing list