[Zope-dev] Re: [Zope] isecure XML-RPC handling.

Oliver Bleutgen myzope@gmx.net
Fri, 05 Apr 2002 09:46:21 +0200


Rossen Raykov wrote:
> There are two completely different things:
> 
> 1. the server log
> 2. the output to the client.
> 
> In the first case you may log everything that you thing it is reasonable -
> stack traces and dumps, relative and absolute paths, etc. It can may be
> assumed that is secure since in general it is not accessible out of the box.
> My personal opinion is that even this log have to differ if -D (debug
> option) is misplayed.
> 
> In the second case it is better if Zope is returning just the error or the
> response.
> In the XML-RPC case the error have to be a valid XML-RPC response, not a
> stack trace.
> I can get that a stack trace may be extremely useful for a developer but
> cant he see the server's error log?
> BW if a program is expecting XML-RPC response but it is receiving stack
> trace it may be a little confusing (especially for a not so well written
> program ;).
> Zope first have to conform the protocol for XML-RPC exchange (return XML
> response) and after that to sweet the developers (dump error in the server's
> log).
> 
> Regards,
> Rossen

Hmm, but it may hurt people which only work through the web, now they 
may need a shell account to get information vital for their work...

What about setting up a permission "can see full error message" and just 
deny that for anonymous.
A customizable standard_error_message would do too, I think.


cheers,
oliver