Haven't we been complaining about this automatic appending of tracebacks for a while? To me this is what log files are for.... but Im not sure what this guy is on. I wouldnt count this as a "security vulnerability". ----- Original Message ----- From: "Chris Withers" <chrisw@nipltd.com> To: "Paul Everitt" <paul@zope.com>; "ALife" <buginfo@inbox.ru> Cc: <Zope-Dev@zope.org> Sent: Sunday, September 23, 2001 10:44 AM Subject: Re: [Zope-dev] Vulnerability in Zope
Do others consider this a vulnerability?
Yup... especially given the hard-coded (sigh) error page returned for authentication error gives out this information :-(
Chris
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )