[Zope-dev] More on [Removal of aq_acquire from guarded_getattr]
Stefan H. Holek
stefan at epy.co.at
Mon Jan 24 18:30:50 EST 2005
The failing AccessControl tests can now be found on shh-aqtests-branch
in zope.org CVS.
Observations:
a) guarded_getattr checks object security of the acquiree if the
container denies access (at least that's my assessment).
b) The tests pass when either
- running Zope < 2.7.3, or
- declaring object security on the acquiree via
declareObjectProtected(foo)
c) Unauthorized errors pop up in CMF-based applications, typically when
trying to access a portal tool from a Python Script. E.g. the tests for
<http://zope.org/Collectors/CMF/318> fail on the 1.4 branch because
'portal_membership' cannot be acquired.
d) Current Zope objects are ill-prepared for these checks as many do
not bother to declare object security in the first place (User Folder,
Mail Host, 50% of CMF tools, ...).
e) Plone and Archetypes exponentially increase the likelihood of
encountering these errors. I have seen several variations in our
customer projects, all reliably fixed by b).
f) I think this is serious. It certainly is a problem for Plone.
g) <http://mail.zope.org/pipermail/zope-checkins/2004-August/028152.html>
h) If g) really is THE fix for <http://zope.org/Collectors/CMF/259> all
existing Zope software must be reviewed, IMO.
i) Unit tests + VerboseSecurity = useful.
Please advise,
Stefan
--
The time has come to start talking about whether the emperor is as well
dressed as we are supposed to think he is. /Pete McBreen/
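Added illustration, not part of the original post and not Zope's AccessControl code: a deliberately simplified Python model of the rule Stefan describes in a) and the fix in b). When a container declares nothing for an attribute that is reached through acquisition, the acquiree's own object security is consulted, and an acquiree whose class never declared object security is refused. The model also includes a small audit helper in the spirit of d) and h) that lists acquired objects lacking an object security declaration. All class names (`Container`, `Tool`, `MembershipTool`), the `guarded_getattr_model` function and the `declareObjectProtected` stand-in are hypothetical; the real Zope rules (permission-to-role mapping, `__allow_access_to_unprotected_subobjects__`, container-vs-context checks) are far richer than what is shown here.

```python
"""
Simplified model of the guarded_getattr behaviour observed in the post.
This is NOT Zope's AccessControl. It only reproduces the rule in a) and
the fix in b): if the container declares no roles for an acquired
attribute, the acquiree's own object security decides, and an acquiree
with no object security declaration at all is denied. Every name below is
a hypothetical stand-in.
"""


class Unauthorized(Exception):
    """Raised when the modelled security check denies access."""


class Tool:
    """Stand-in for a CMF tool such as portal_membership.

    _object_roles models the outcome of declareObjectProtected();
    None means the class never declared object security.
    """
    _object_roles = None


def declareObjectProtected(cls, *roles):
    """Hypothetical stand-in for security.declareObjectProtected(perm),
    with the permission already resolved to the roles that hold it."""
    cls._object_roles = frozenset(roles)


class Container:
    """Stand-in for a folderish object (e.g. a portal).

    _attr_roles: roles the container itself declares per attribute name.
    _acquired:   objects reachable from here only through acquisition.
    """

    def __init__(self, attr_roles=None, acquired=None):
        self._attr_roles = dict(attr_roles or {})
        self._acquired = dict(acquired or {})

    def __getattr__(self, name):
        # Only called for names not found normally: emulate acquisition.
        acquired = self.__dict__.get("_acquired", {})
        if name in acquired:
            return acquired[name]
        raise AttributeError(name)


def guarded_getattr_model(container, name, user_roles):
    """Model of guarded_getattr for an attribute reached by acquisition.

    1. If the container declares roles for `name`, those roles decide.
    2. Otherwise the acquiree's own object security (_object_roles) decides.
    3. An acquiree that never declared object security is denied outright.
    """
    value = getattr(container, name)
    roles = container._attr_roles.get(name)
    if roles is None:
        roles = getattr(value, "_object_roles", None)
    if roles is None:
        raise Unauthorized("%s declares no object security and the container "
                           "does not grant %r" % (type(value).__name__, name))
    if not frozenset(roles) & frozenset(user_roles):
        raise Unauthorized("roles %r may not access %r" % (tuple(user_roles), name))
    return value


def undeclared_acquirees(container):
    """Audit helper in the spirit of d)/h): acquired objects that a Python
    Script could reach but which declare no object security and are not
    covered by the container's own declarations."""
    return sorted(name for name, obj in container._acquired.items()
                  if name not in container._attr_roles
                  and getattr(obj, "_object_roles", None) is None)


class MembershipTool(Tool):
    """Hypothetical tool class with no object security declared (yet)."""


def demo():
    """Reproduce the Unauthorized from c) and the fix from b)."""
    # Constructed sample site: the tool is only reachable by acquisition.
    portal = Container(acquired={"portal_membership": MembershipTool()})
    results = {"audit_before": undeclared_acquirees(portal)}
    try:
        guarded_getattr_model(portal, "portal_membership", ["Member"])
        results["before"] = "allowed"
    except Unauthorized:
        results["before"] = "Unauthorized"
    # The fix from b): declare object security on the acquiree.
    declareObjectProtected(MembershipTool, "Member", "Manager")
    results["audit_after"] = undeclared_acquirees(portal)
    tool = guarded_getattr_model(portal, "portal_membership", ["Member"])
    results["after"] = type(tool).__name__
    # The declaration is not a blanket allow: unlisted roles are still denied.
    try:
        guarded_getattr_model(portal, "portal_membership", ["Anonymous"])
        results["anonymous"] = "allowed"
    except Unauthorized:
        results["anonymous"] = "Unauthorized"
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Running `demo()` shows the sequence from the post: the lookup of `portal_membership` fails with `Unauthorized` while `MembershipTool` declares nothing, the audit helper names it, and after `declareObjectProtected` the same lookup succeeds for a Member while an Anonymous caller is still refused. In a real codebase the equivalent check is the one Stefan suggests in i): run the unit tests with VerboseSecurity enabled and look for the acquirees the checker refuses.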