[Zope3-dev] Fatal Python error: can't initialize module MultiMapping when access "++apidoc++/Class/menu.html"
Jim Fulton
jim at zope.com
Mon Nov 22 14:56:49 EST 2004
shane at hathawaymix.org wrote:
>
>
> On Mon, 22 Nov 2004, Tim Peters wrote:
>
>> [shane at hathawaymix.org]
>>
>>> ...
>>> Two things should happen:
>>>
>>> - Zope 3 shouldn't try to import MultiMapping.
>>>
>>> - Someone should find out if this is a problem for Zope 2.8.
>>
>>
>> Shouldn't be a problem in 2.8. ExtensionClass code still exists in
>> 2.8, but is part of the Zope tree instead of the ZODB tree there.
>>
>> I don't see any imports of MultiMapping in Zope3 except from
>> RestrictedPython/SafeMapping.py, and I don't see any uses of
>> SafeMapping.py. That doesn't mean there aren't any, just that I can't
>> find any <wink>.
>
>
> zope.app.apidoc.classmodule imports SafeMapping (and every other module,
> I presume) when it displays the class reference. I had to add a
> pdb.set_trace in SafeMapping to discover this.
>
> An interesting implication of the live class reference is that every
> module in Zope 3 must be safe to import at any time. That might not be
> so good for security--if an intruder can manage to install a Python
> script in the Zope 3 code tree, the script will be executed with Zope's
> privileges. Good thing it's easy to uninstall zope.app.apidoc (I presume.)

That's a good point. I suggest that apidoc shouldn't *import* modules,
but should look them up in sys.modules. This is the strategy used to
access modules from untrusted code.

Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
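
The difference between importing a module and looking it up in sys.modules, as an added example that is not part of the original message and is not Zope or apidoc code: `lookup_loaded` and the module name `planted_demo_mod` are hypothetical, and the module file is a constructed sample written to a temporary directory.

```python
import importlib
import os
import sys
import tempfile


def lookup_loaded(dotted_name):
    """Resolve dotted_name from sys.modules only; never imports anything."""
    parts = dotted_name.split(".")
    # Try the longest already-loaded module prefix, then walk attributes.
    for i in range(len(parts), 0, -1):
        obj = sys.modules.get(".".join(parts[:i]))
        if obj is None:
            continue
        try:
            for attr in parts[i:]:
                obj = getattr(obj, attr)
        except AttributeError:
            return None
        return obj
    return None


def demo():
    """Constructed sample: an unloaded module with an import-time side effect."""
    tmp = tempfile.mkdtemp()
    marker = os.path.join(tmp, "ran.txt")
    name = "planted_demo_mod"  # hypothetical module name
    with open(os.path.join(tmp, name + ".py"), "w") as f:
        f.write("open(%r, 'w').close()\nVALUE = 1\n" % marker)
    sys.path.insert(0, tmp)
    importlib.invalidate_caches()
    try:
        before = lookup_loaded(name + ".VALUE")   # not loaded -> None
        ran_after_lookup = os.path.exists(marker)
        importlib.import_module(name)             # module body executes here
        ran_after_import = os.path.exists(marker)
        after = lookup_loaded(name + ".VALUE")    # now in sys.modules
    finally:
        sys.path.remove(tmp)
        sys.modules.pop(name, None)
    return before, ran_after_lookup, ran_after_import, after


if __name__ == "__main__":
    print(demo())
```

The lookup leaves the file on disk unexecuted and reports only what the running process has already loaded; the marker file appears only after the explicit import.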