[Zope3-checkins] SVN: Zope3/trunk/src/zope/security/ Removed the special treatment of exception classes. Previously, we

Jim Fulton jim at zope.com
Sun Jul 25 10:20:25 EDT 2004


Log message for revision 26752:
  
  Removed the special treatment of exception classes.  Previously, we
    treated excptions and xception clases as basic objects that were not
    proxied. This strategy seems overly lax. The problem is that we
    don't really kow how to raise or catch exceptions if exceptions and
    exception classes are proxied. The answer is not to be lax with
    exceptions. Rather, we'll need to change the way exceptions are
    handled in untrusted python code. This will require code
    manipulation, which we've avoided until recently.
  


Changed:
  U   Zope3/trunk/src/zope/security/checker.py
  U   Zope3/trunk/src/zope/security/tests/test_checker.py


-=-
Modified: Zope3/trunk/src/zope/security/checker.py
===================================================================
--- Zope3/trunk/src/zope/security/checker.py	2004-07-25 14:07:00 UTC (rev 26751)
+++ Zope3/trunk/src/zope/security/checker.py	2004-07-25 14:20:25 UTC (rev 26752)
@@ -316,9 +316,6 @@
     if checker is NoProxy:
         return None
 
-    if checker is _defaultChecker and isinstance(object, Exception):
-        return None
-
     while not isinstance(checker, Checker):
         checker = checker(object)
         if checker is NoProxy or checker is None:
@@ -502,17 +499,8 @@
         verbosity = WATCH_CHECKERS
 
 def _instanceChecker(inst):
-    checker = _checkers.get(inst.__class__, _defaultChecker)
-    if checker is _defaultChecker and isinstance(inst, Exception):
-        return NoProxy # TODO: we should be more careful
-    return checker
+    return _checkers.get(inst.__class__, _defaultChecker)
 
-def _classChecker(class_):
-    if issubclass(class_, Exception):
-        return NoProxy  # TODO: we should be more careful
-
-    return _typeChecker
-
 def moduleChecker(module):
     return _checkers.get(module)
 
@@ -604,7 +592,7 @@
     types.InstanceType: _instanceChecker,
     Proxy: NoProxy,
     type(weakref.ref(_Sequence())): NamesChecker(['__call__']),
-    types.ClassType: _classChecker,
+    types.ClassType: _typeChecker,
     types.FunctionType: _callableChecker,
     types.MethodType: _callableChecker,
     types.BuiltinFunctionType: _callableChecker,

Modified: Zope3/trunk/src/zope/security/tests/test_checker.py
===================================================================
--- Zope3/trunk/src/zope/security/tests/test_checker.py	2004-07-25 14:07:00 UTC (rev 26751)
+++ Zope3/trunk/src/zope/security/tests/test_checker.py	2004-07-25 14:20:25 UTC (rev 26752)
@@ -207,7 +207,6 @@
 
         from zope.security.checker import BasicTypes_examples
         rocks = tuple(BasicTypes_examples.values())
-        rocks += (AttributeError(), AttributeError)
         for rock in rocks:
             proxy = checker.proxy(rock)
             self.failUnless(proxy is rock, (rock, type(proxy)))



More information about the Zope3-Checkins mailing list