[Checkins] SVN: Products.PluggableAuthService/trunk/Products/PluggableAuthService/PluggableAuthService.py don't swallow exceptions for plugins that don't want to

Florian Friesdorf flo at chaoflow.net
Tue Oct 12 04:54:17 EDT 2010

On Sat, Oct 09, 2010 at 09:39:17PM +0200, Matthew Wilkes wrote:
> On 2010-09-05, at 0151, Florian Friesdorf wrote:
> > Log message for revision 116198:
> >  don't swallow exceptions for plugins that don't want to
> I haven't looked into this yet, but does this get handled safely in
> all cases?  We recently had a DoS issue with Zope due to unhandled
> exceptions in PAS.
> I'm guessing this is a non-critical place, but wanted to check.

My intention is/was to enable debugging of PAS plugins. It took me a
while to understand what's going on and to realize that I had
NameErrors in my code.

In my opinion, plugins should not abuse standard Python exceptions to
indicate that a user was not found but use a dedicated PAS exception for
that. Or, at least, there should be exactly one standard Python
exception to indicate that.

Currently, by default, NameError, AttributeError, KeyError, TypeError
and ValueError are swallowed.

After enabling the reraise of these exceptions, they got caught and
ended up in the log. I assume this is safe. If there are doubts, we
could rename the flag to: _dont_swallow_my_exceptions_in_debug_mode.

However, in order to spare PAS newbies time and frustration, this should
be the default in debug mode. I don't know how many PAS plugins rely on
this swallowing of exceptions.

Florian Friesdorf <flo at chaoflow.net>
  GPG FPR: EA5C F2B4 FBBB BA65 3DCD  E8ED 82A1 6522 4A1F 4367
Jabber/XMPP: flo at chaoflow.net
IRC: chaoflow on freenode,ircnet,blafasel,OFTC
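
An added illustration, not part of the original message and not PluggableAuthService code: a minimal plugin loop showing how swallowing the listed exception types hides a NameError as "user not found", and how an opt-in re-raise surfaces it at a boundary that logs and denies. The class and function names, the `UserNotFound` exception, and the flag spelling `_dont_swallow_my_exceptions` are assumptions made for this sketch.

```python
import logging

log = logging.getLogger("pas_swallow_example")

# Exception types the message lists as swallowed by default.
SWALLOWED = (NameError, AttributeError, KeyError, TypeError, ValueError)


class UserNotFound(Exception):
    """Hypothetical dedicated 'no such user' signal, as the message proposes."""


class BuggyPlugin:
    def authenticate(self, creds):
        return lookup_user(creds["login"])  # bug: lookup_user is undefined -> NameError


class DebugBuggyPlugin(BuggyPlugin):
    _dont_swallow_my_exceptions = True  # assumed flag spelling; opts out of swallowing


class CleanPlugin:
    def authenticate(self, creds):
        if creds["login"] != "alice":  # constructed sample user
            raise UserNotFound(creds["login"])
        return "alice"


def run_plugins(plugins, creds):
    """Return the first authenticated user id, or None if no plugin knows the user."""
    for plugin in plugins:
        try:
            return plugin.authenticate(creds)
        except UserNotFound:
            continue  # explicit, unambiguous "not my user"
        except SWALLOWED:
            if getattr(plugin, "_dont_swallow_my_exceptions", False):
                raise  # surface the programming error to the caller
            continue  # bug is indistinguishable from "user not found"
    return None


def handle_request(plugins, creds):
    """Request boundary: a re-raised plugin error is logged and access is denied."""
    try:
        user = run_plugins(plugins, creds)
    except Exception:
        log.exception("PAS plugin raised during authentication")
        return ("error-logged", None)
    return ("ok", user) if user else ("anonymous", None)
```
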