[Grok-dev] UPDATE recently created projects to 0.14.1
faassen at startifact.com
Sun Dec 14 10:26:01 EST 2008
Brandon Craig Rhodes wrote:
> I understand that our policies prevent us from fixing 0.14 itself
> retroactively and protecting people with old buildouts who haven't seen
> all of the announcements; we want to keep everything old looking like it
> always did so that old buildouts can always be guaranteed to be
> identical, even if identically insecure.
We can't reach into people's existing buildouts magically and replace
their version of 0.14 with a new one anyway, right?
> But it would be nice to display a message.
> Before 1.0, could we add to "grokproject" a line that, if it's using its
> default URL, also looks up another URL and, if it exists, prints the
> message there?
This isn't a bad idea, but grokproject will always look at 'current' to
look at the most recent version of Grok. This will be 0.14.1 now, so
nobody will ever see the warning.
The only potential point at which people could see the warning is if we
forget, like we did, to update the 'current' entry to 0.14.1. But this
wouldn't be a safety net for us, as we could just as easily forget to
write the warning message. We will try not to make the same mistake next
time - luckily Michael Haubenwallner caught it pretty fast. :)
> That way, old-buildout-identicalness would be preserved, but users would
> at least have some indication that they needed to take action if they
> did not want their site to be invaded.
I'm not sure we can actually do anything more to protect people by
automation. When they start new projects, they'll be safe (if we don't
forget to update current). We could provide a recipe to warn people when
they actually run buildout again, but it will only warn people if they're
actively developing - moderate increased safety but I'm not sure whether
it's worth the effort.
To also catch people who have deployed (who need the warning the most!),
we could also do a run-time check. Going off and doing a "phone home"
while running once every while will probably not be appreciated by
everyone, and also involves quite a bit of run-time complexity. And
where would we place the warning message so that the site maintainers
would see it?
I think the best way to improve the chances people will see our security
notifications is to spread them wider. Right now we updated
grok.zope.org, sent a message to grok-dev and I sent a message to
zope-announce (which I'm not sure has gotten through yet). We could in
addition also investigate where people tend to send security-related
warnings in general and institute a policy to also send the warning