[Zope-Coders] new zLOG
Shane Hathaway
shane@zope.com
Tue, 26 Nov 2002 09:57:15 -0500
Toby Dickenson wrote:
> On Tuesday 26 November 2002 1:41 pm, Guido van Rossum wrote:
>
>
>>I propose that there be some interface where Zope (or any setuid
>>program) can call e.g. zLOG.initialize_later() immediately after
>>importing zLOG, and if this hasn't been called by the time LOG() is
>>called for the first time, the first LOG() call calls initialize().
>
>
> I dispute the need for this interface.
>
> It should be easy to find potential calls to LOG before such a program drops
> root. If so, it should also be easy to disable those calls in the
> application, rather than at ZLOG level.
>
> If it is not easy to find out exactly what your program does before dropping
> root privelidges then you already have bigger problems.
I've been trying to find the words to say that. Thank you!
I think zLOG should indeed initialize at the first call to zLOG. I also
think that Zope should bind its server ports immediately after parsing
the configuration, so that it's possible to drop privileges before doing
anything else. (Note that binding does not necessarily mean listening
or creating a server channel. Some time after privileges have been
dropped, we should pass the bound sockets to the server channel
constructors.)
Once that's in place, if we're still concerned that some code might try
to log something too early, we could put code in place that raises an
exception if logging is attempted too early.
Shane