Re: [Zope-dev] ZCVSFolder not running on windows
Hi Robert, Sorry.. ZCVSFolder is not supported for Windows. Patches accepted! -steve Robert Rottermann wrote: Hi there, I installed the newest version of ZCVSMFolder on my windowsbox. As it uses fork it can not work. However I used a former version under windows. Is this not possible anymore? thanks for any insigth Robert ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] XXXPythonScripts release 1.0
After seeing the demand for this in a thread on ZopeZen, I've decided to release XXXPythonScripts, at: http://www.zope.org/Members/4am/XXXPythonScripts This Product adds a new Script meta-type: Script (Python, unsafe). You can only create or edit these objects when your Zope has been started with a special environment variable set. The envar name is whimsical, but this isn't a joke; By using this Product you add a risk to your system equivalent to using Telnet to log in as the Zope user. If somebody sniffs/guesses your login and this is turned on, they can write Scripts to do whatever the Zope process user can do! These are compatible with Zope 2.3.x only. I have no immediate plans to make them work with 2.4.x, but it shouldn't be hard. Cheers, Evan @ digicool 4-am ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] [Problem] Zope/Python2.x incompatibility
Dear Zopistas,
I just met the following problem caused by a misfortunate name
clash between Python2.x and Zope:
DTML-Document:
dtml-var standard_html_header
h2dtml-var title_or_id/h2
table cellpadding=5
dtml-in propertyIds
dtml-let p=sequence-item
trthdtml-p;/thtddtml-var _[p]/td/tr
/dtml-let
/dtml-in
dtml-var standard_html_footer
When this document is rendered, Shane's wonderful ZDebug tool reports:
Error type: Unauthorized
Error value: Access denied for built-in method title of string object at
0x8d45e50 because
its container, 'title', has no security assertions.
Innermost method: /Test/wt/Target
Namespace Stack (innermost entry at top)
ID Type
(N/A) mapping with keys: ['p']
? InstanceDict
? DocumentTemplate.DT_InSV.sequence_variables
(N/A) mapping with keys: ['propertyIds']
(N/A) mapping with keys: ['document_id', 'document_title']
TargetInstanceDict
TargetInstanceDict
REQUEST ZPublisher.HTTPRequest.HTTPRequest
problem in _[p].
What happens here?
dtml-in pushes the property id title (a string) onto the namespace
stack. It is the next-to top InstanceDict entry.
Starting with Python 2.0 (maybe 1.6), string objects have
methods, among them title.
When title is looked up in the namespace, the title of
the string object is found and not the one of the DTML Document.
This wrong title method gives an Unauthorized exception because
string objects do not participate in Zope's security mechanism.
Danger
Any string object on the namespace can prevent access to
the title property. Propably only dtml-in and
(if used wrongly) dtml-with are affected.
Thank you Shane for the wonderfull ZDebug.
Without it, it would have been much more difficult to analyse
this problem.
Dieter
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
