[Zope-dev] strange priv leak

Paul Winkler pw_lists@slinkp.com
Mon, 19 May 2003 12:50:58 -0400


On Mon, May 19, 2003 at 03:54:44PM -0400, Shane Hathaway wrote:
> Paul Winkler wrote:
> >start declaring security on stuff that's traditionally
> >relied on having no docstring?
> 
> We can't, unless we overhaul the security policy.  Declarations for 
> built-in types get ignored.  This is because the security policy depends 
> on being able to find a __roles__ attribute on the thing accessed. 

ack! ok then, never mind :)

> Even so, we might have to do something like this.  As another option, I 
> wonder how well it would work to refuse to publish anything that has no 
> __roles__ attribute... or some variation on that.

given what you've just told me, that's the obvious solution.

> Zope 2.6 + Python 2.1 tries to disallow access to simple attributes 
> because of the number of things it would let you access that you 
> couldn't before.  Yes, it would be useful, but we need Zope 2.6 + Python 
> 2.2 to act the same as Zope 2.6 + Python 2.1.

we do?  I thought 2.6 + 2.2 was going to be permanently "not recommended",
and 2.7 + 2.2 was going to be the future.

> You're going to enjoy Zope 3. ;-)

i know, wish i had time to play with it :(

-- 

Paul Winkler
home:  http://www.slinkp.com
"Muppet Labs, where the future is made - today!"
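
Added example, not part of the original thread and not Zope's code: a toy model comparing a docstring-based publish gate with the "refuse anything that has no __roles__" gate Shane proposes, and showing why a built-in value such as a str cannot carry a declaration. Folder, gate_docstring, gate_roles, can_declare and survey are hypothetical names, and the role values are constructed.

```python
# Toy model of the two publish gates discussed in the thread (not Zope code).
_MISSING = object()


class Folder:
    """A published container (constructed sample)."""
    __roles__ = ("Manager",)
    secret = "db-password"  # plain str: a built-in type, holds no declaration

    def index(self):
        """Public page."""
        return "hello"
    index.__roles__ = ("Anonymous",)  # declaration stored on the function


def gate_docstring(obj):
    """Docstring gate: publish anything that reports a docstring."""
    return bool(getattr(obj, "__doc__", None))


def gate_roles(obj):
    """Proposed gate: refuse anything that has no __roles__ attribute."""
    return getattr(obj, "__roles__", _MISSING) is not _MISSING


def can_declare(obj):
    """Try to attach a declaration directly to the object."""
    try:
        obj.__roles__ = ("Manager",)
        return True
    except (AttributeError, TypeError):
        return False  # instances of built-in types reject new attributes


def survey(container, names):
    """Return {name: (docstring gate result, __roles__ gate result)}."""
    result = {}
    for name in names:
        value = getattr(container, name)
        result[name] = (gate_docstring(value), gate_roles(value))
    return result


if __name__ == "__main__":
    print(survey(Folder(), ["index", "secret"]))
    print("str can carry __roles__:", can_declare("db-password"))
```

On current Python a str instance reports its type's docstring, so the docstring gate admits the secret attribute while the __roles__ gate refuses it.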