collective / rapido.core


existing methods of whitelisting modules don't work. #10

Open djay opened 8 years ago

djay commented 8 years ago

Methods for whitelisting that used to work on Python Scripts don't seem to work with rapido (zope.untrustedpython) code.

See http://docs.zope.org/zope2/zdgbook/Security.html#utility-functions-for-allowing-import-of-modules-by-through-the-web-code

There seems to be no way currently to allow marking a module as safe for import in rapido.

djay commented 8 years ago

Looks like the following code works. Not sure how to whitelist a whole module yet.

from zope.security.checker import defineChecker, CheckerPublic, NamesChecker

import random
# Register a checker for the random module that only exposes these two names
# to untrusted (rapido) code; every other attribute of the module stays blocked.
defineChecker(random, NamesChecker(['uniform','shuffle']))

Going to try whitelisting lots of common functions in https://github.com/collective/sandboxlib.
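The comment above registers a NamesChecker so that sandboxed code can reach only `random.uniform` and `random.shuffle`. As an added illustration (not code from the issue, from rapido, or from zope.security), the block below implements the same allowlist-by-name idea as a plain Python proxy, so it runs without zope.security installed: a small registry (`define_checker` / `proxy_for`, both hypothetical names chosen here) maps an object to its allowed names, and the proxy refuses every attribute outside that set, including the proxy's own internals and the helper modules `random` imports for itself. The point it demonstrates is why per-name checkers are the safer default: a module object carries far more than the two functions the sandbox actually needs.

```python
"""Added example: a minimal names-based allowlist proxy that mirrors the idea
behind zope.security's NamesChecker/defineChecker. It is NOT zope.security and
is deliberately dependency-free so it can run anywhere."""
import random


class ForbiddenAttribute(AttributeError):
    """Raised when sandboxed code touches a name outside the allowlist."""


class NamesProxy:
    """Expose only an explicit set of attribute names of the wrapped object.

    __getattribute__ (not __getattr__) is overridden so that *every* lookup,
    including the proxy's own slots, __dict__ and __class__, is checked
    against the allowlist. Assignment and deletion are always refused.
    """

    __slots__ = ("_target", "_allowed")

    def __init__(self, target, allowed):
        object.__setattr__(self, "_target", target)
        object.__setattr__(self, "_allowed", frozenset(allowed))

    def __getattribute__(self, name):
        allowed = object.__getattribute__(self, "_allowed")
        if name not in allowed:
            raise ForbiddenAttribute(name)
        target = object.__getattribute__(self, "_target")
        return getattr(target, name)

    def __setattr__(self, name, value):
        raise ForbiddenAttribute(name)

    def __delattr__(self, name):
        raise ForbiddenAttribute(name)


# Registry of allowlists, keyed by object identity (hypothetical helper API,
# modelled on defineChecker/NamesChecker from the issue above).
_CHECKERS = {}


def define_checker(obj, allowed_names):
    """Record which attribute names of `obj` untrusted code may use."""
    _CHECKERS[id(obj)] = frozenset(allowed_names)


def proxy_for(obj):
    """Wrap `obj` in a NamesProxy according to its registered allowlist."""
    try:
        allowed = _CHECKERS[id(obj)]
    except KeyError:
        raise LookupError("no checker registered for %r" % (obj,))
    return NamesProxy(obj, allowed)


# Same allowlist as the comment above: only uniform and shuffle are exposed.
define_checker(random, ["uniform", "shuffle"])


def make_sandboxed_random():
    """Return the view of the random module that sandboxed code would get."""
    return proxy_for(random)


def try_access(proxied, name):
    """Return 'allowed' or 'forbidden' for a single attribute access."""
    try:
        getattr(proxied, name)
    except ForbiddenAttribute:
        return "forbidden"
    return "allowed"


def shuffled_copy(items):
    """Use the allowed shuffle through the proxy and return the result."""
    sandboxed = make_sandboxed_random()
    copy = list(items)
    sandboxed.shuffle(copy)
    return copy


if __name__ == "__main__":
    r = make_sandboxed_random()
    # Allowed names work; everything else on the module, including the `os`
    # module random imports as `_os` and the proxy's own `_target`, is blocked.
    for attr in ("uniform", "shuffle", "seed", "_os", "_target", "__dict__"):
        print("%-10s %s" % (attr, try_access(r, attr)))
    print(shuffled_copy([1, 2, 3, 4]))
```

A real zope.security Checker also governs `__setattr__` and wraps returned values so that `uniform` cannot be used as a stepping stone to unchecked objects; this toy proxy only covers the attribute-name decision the issue is about.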

djay commented 8 years ago

Going to rename it collective.safeimports.