[Zope] Problems with removing Verbose Security and possibly Apelib

Dieter Maurer dieter at handshake.de
Sat Feb 12 14:18:37 EST 2005

Chris Kratz wrote at 2005-2-11 12:39 -0500:
> ...
>I removed the Verbose Security from the products directory and from the 
>Products list in the control panel and tried the app again.
>Unfortunately, this causes the app to break.
> ...
>The last piece of the puzzle is that returning the VerboseSecurity product 
>allows the application to start working again, proxy roles and all.  Any 
>ideas as to why this might be?  Is there a chance that the monkey patching 
>Verbose Security does is not reversible?

Monkey patches should modify only non persistent objects (such
as classes or modules). This means: their effect disappears
when the process stops...

Debugging might be necessary to understand this puzzle.

By the way, I had the impression that VerboseSecurity becomes
ineffective as soon as you switch to "security-policy" "C"
rather than "python" (but I may well be wrong).
>Error Type: Unauthorized
>Error Value: You are not allowed to access 'select' in this context
>...last lines in traceback
># PythonScript at /somefunction>
>Line 3
># Module Shared.DC.Scripts.Bindings, line 178, in __getattr__
>Unauthorized: You are not allowed to access 'select' in this context

This exception comes from an "UnauthorizedBinding".
It indicates that you try to access a binding
("context", "container", "here", ...) your script does
not have rights to.

This security tighening was introduced quite late (to fix
a security bug). "VerboseSecurity" may be able to disable
this tighening.

Maybe, the tighening forgets to take proxy roles into account.
But this is only a guess. Almost surely, you must debug the


More information about the Zope mailing list