[Zope3-dev] Excessive long traceback info in TALES

[Barry A. Warsaw]

>>>>> "BL" == Brian Lloyd <brian@zope.com> writes:

    BL> FWIW, keeping filenames out of tracebacks was a fairly strong
    BL> goal of the traceback hackery we've done thus far. It was done
    BL> in response to numerous recurring "security-related bug
    BL> reports", with people feeling that any disclosure of filenames
    BL> is bad. While one can argue that point, we've had people in
    BL> the past willing to post this as a "security issue" on public
    BL> security-related sites, and it's really not a good use of time
    BL> trying to fight that sort of PR battle.

It's clear that there are at least two audiences for these tracebacks,
the end user and the developer.  Developers are going to find Pythonic
tracebacks much easier to read, so they should be enabled in the cvs.
But official Zope releases should ship with end-user tracebacks
enabled.

-Barry