The patch below got ZDebug working with Zope 2.3.0 for me. Hope I didn't miss anything ;-) cheers, Chris --- debugsecuritypolicy.py.old Sun Jan 28 21:59:23 2001 +++ debugsecuritypolicy.py Sun Jan 28 22:07:21 2001 @@ -89,7 +89,7 @@ __version__='$Revision: 1.4 $'[11:-2] from AccessControl import SimpleObjectPolicies -_noroles=[] +_noroles=SimpleObjectPolicies._noroles from AccessControl.PermissionRole import \ _what_not_even_god_should_do, rolesForPermissionOn @@ -99,7 +99,7 @@ class DebugSecurityPolicy: def validate(self, accessed, container, name, value, context, - None=None, type=type, IntType=type(0), DictType=type({}), + roles=_noroles, None=None, type=type, IntType=type(0), DictType=type({}), getattr=getattr, _noroles=_noroles, StringType=type(''), Containers=SimpleObjectPolicies.Containers, valid_aq_=('aq_parent','aq_explicit')): @@ -116,7 +116,8 @@ ############################################################ # Try to get roles - roles=getattr(value, '__roles__', _noroles) + if roles is _noroles: + roles=getattr(value, '__roles__', _noroles) if roles is _noroles: @@ -174,7 +175,14 @@ value=container # Short-circuit tests if we can: - if roles is None or 'Anonymous' in roles: return 1 + try: + if roles is None or 'Anonymous' in roles: return 1 + except TypeError: + # 'roles' isn't a sequence + LOG('Zope Security Policy', PROBLEM, "'%s' passed as roles" + " during validation of '%s' is not a sequence." % ( + `roles`, name)) + raise # Check executable security stack=context.stack