[Zope-dev] Security Testing

Eron Lloyd elloyd@lancaster.lib.pa.us
Mon, 14 Oct 2002 12:39:00 -0400


Maybe this would be a good opportunity to evaluate Puffin=20
(www.puffinhome.org)? Security API calls through unit tests are one thing=
,=20
but testing the whole functioning system from the outside seems like the =
best=20
approach. Puffin should be a Zope partner, IMHO.

Regards,

Eron

On Monday 14 October 2002 10:49 am, Chris Withers wrote:
> Hi,
>
> I'd like to build a suite of security tests for a product I'm writing u=
sing
> unittest.py.
>
> Is this possible?
>
> I thought about using newSecurityManager with various known users, and
> restrictedTraverse to get to the appropriate methods, but then how do I
> test if those methods are callable?
>
> cheers,
>
> Chris
>
> PS: How is all this being tackled in Zope 3?
>
>
> _______________________________________________
> Zope-Dev maillist  -  Zope-Dev@zope.org
> http://lists.zope.org/mailman/listinfo/zope-dev
> **  No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope )
> ---
> [This E-mail scanned for viruses by Declude Virus]

--=20
Eron Lloyd
Technology Coordinator
Lancaster County Library
elloyd@lancaster.lib.pa.us
Phone: 717-239-2116
Fax: 717-394-3083

---
[This E-mail scanned for viruses by Declude Virus]