[Zope3-dev] 3.1 release

[Stephan Richter]

On Wednesday 18 May 2005 10:05, Julien Anguenot wrote:
> I get Insufficient Privileges while trying to check the #380.
>
> http://www.zope.org/Collectors/Zope3-dev/380

Shrug, I also had to log in to see the bug; but since I am a maintainer, I 
could actually see it after that. Ah, Roger made it "security related", which 
I think is the reason it denies the access. Here are the entries:

Local Utility don't get correct removed

= Comment - Entry #2 by rogerineichen on Mar 8, 2005 4:03 am
 
 Perhaps somebody has allready remove a utility on a production server. This 
shold be cleaned up. 
 Perhaps we can provide a bootstrap event which will deactivate registred 
utility where allready deleted from the registreation container.
 ________________________________________
 = Request - Entry #1 by rogerineichen on Mar 7, 2005 11:47 am
 
 A Local Utility don't get deregistred after removing.
 They are removed in the folder but still working.
 
 Sample:
 - Add a Plugable Authentivcation Utility (PAU) to the (default) site.
 - Add a principal folder
 - Add a principal to the principal folder
 - Add a folder to the root
 - Grant the principal to the folder and give them ManageContent permission
 - Try to login with the added principal
 
 Now, delete the PAU and principal with the remove function in the 
++etc++site:
 
 http://localhost:8080/++etc++site/default/++registrations++/@@index.html
 
 Try to login like before. And you get access again.
 
 The PAU is just used as a local utility example. This happens to all local 
utilities!

Regards,
Stephan
-- 
Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training