Zope and Plone are fantastic systems that provide a lot of features out of the box. A primary focus of Zope and Plone has always been about security and empowering of users, and one of the things that provides this is RestrictedPython.
A lot of code in Zope and Plone has become legacy and remained unmaintained for several years, RestrictedPython was one of those core packages that got less attention and became the major blocker for the porting of Zope and Plone to Python 3.
Many thought it would be impossible to port RestrictedPython to Python 3, but in May 2017 we released a version that is compatible with both Python 2.7 and Python 3.4-3.6 and even PyPy. Nothing is impossible within the Plone community!
This talk will focus on RestrictedPython:
• what it is
• how and who could use it
• what was the problem with porting to Python 3
• why things seem impossible and why that is almost always not true
• thoughts on Zope/Plone and other framework security