[BlueBream] Strange effect with @@view calling
volker jaenisch
volker.jaenisch at inqbus.de
Fri Apr 2 04:52:20 EDT 2010
Dear Christophe!
Thanks you!
Christophe Combelles schrieb:
> volker jaenisch a écrit :
>
>> Ok. In this case the issue is not only weird it is sort of security hole.
>>
>> How can I proceed further to identify the problem?
>> Please guide me what to checks I can perform to shed more light into this.
>>
>
> Just replace z3c.layer 0.3.1 with z3c.layer.pagelet 1.0.2, and check whether
> it's the same. The misconfiguration leading to security bug is also in the
> package you're using.
>
Yes. This cured the problem completely. Now I got
ind Case A) AND Case B) consistently
(Pdb) type(self.context)
<type 'zope.security._proxy._Proxy'>
and the forbiddenAttribute Error as expected.
Again: Thank you for the fast and competent help!
Best Regards,
Volker
More information about the bluebream
mailing list