[Zope3-dev] problems with ZOPE_WATCH_CHECKERS
Martijn Faassen
faassen at infrae.com
Tue Jul 19 11:54:18 EDT 2005
Hi there,
I'm trying to debug the security of a Zope 3 application (in Zope 3.1
beta) and I am having trouble getting ZOPE_WATCH_CHECKERS to work.
If I set it to 1, I expect to see information on which attributes on
which object are denied. I however see nothing whatever.
If I set it to a higher value, I *do* see a few granted messages, though
suspiciously few messages appear and rather confusing ones, especially
as I am trying to a access a page that doesn't tie into the ZMI:
[CHK] + Granted getattr: __call__ on <bound method
ContextHelpView.getContextualTopicView of
<zope.app.publisher.browser.viewmeta.ContextHelpView object at 0x442764ec>>
[CHK] + Granted getattr: __call__ on <bound method
ContextHelpView.getContextualTopicView of
<zope.app.publisher.browser.viewmeta.ContextHelpView object at 0x442a17ec>>
[CHK] + Granted getattr: __call__ on <bound method
ContextHelpView.getContextualTopicView of
<zope.app.publisher.browser.viewmeta.ContextHelpView object at 0x442ef5ec>>
What's going on? Why do the only messages I ever see involve
ContextHelpView? Is it possible that this mechanism is broken? Some
debugging did seem to indicate the right logging checkers get created,
but perhaps the logging methods do not actually get called most of the time?
In an attempt at deeper debugging I tried removing the C implementation
(_zope_security_checker.so) temporarily, as the checker.py code seems to
indicate it should fallback on the Python version. Unfortunately, Zope 3
fails to start in this case...
Regards,
Martijn
More information about the Zope3-dev
mailing list