Re: [Zope] repost : pb with acl_users "domains" for clients behind a proxy/firewall

2000-09-09 Thread Dieter Maurer

Didier Georgieff writes:
 > Our users are accessing the Zope server (which is on the Internet) through 
 > corporate (government) firewall/proxies.
 > 
 > Some users in acl_users are declared with a "domain" restriction,
 > which is a generic "gouv.fr" or "agriculture.gouv.fr".
 > 
 > It doesn't seem to be effective and the login is rejected, while the same user 
 > without any "domain" restriction works fine.

The code handling the "domain" restrictions is in
"AccessControl.User.domainSpecMatch".

It looks at REMOTE_HOST and REMOTE_ADDR.
Thus, your proxy must pass this unchanged.


Dieter

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )
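
A simplified model of a domain check driven by REMOTE_HOST and REMOTE_ADDR, added here as an illustration; it is not Zope's `AccessControl.User.domainSpecMatch`, and the function name, the suffix/prefix matching rules and every sample host and address are assumptions constructed for this example. It shows why a user restricted to "gouv.fr" is rejected once the server only sees the proxy's host and address, and goes slightly beyond the thread by also covering a missing reverse-DNS name and a lookalike domain.

```python
"""Toy model of a per-user "domain" restriction (assumed semantics, not Zope code)."""


def _norm_host(value):
    # Host names compare case-insensitively; drop a trailing root dot.
    return (value or "").strip().lower().rstrip(".")


def domain_spec_match(specs, request):
    """Return True if the connecting peer satisfies any spec in `specs`.

    `request` is a CGI-style mapping. Only REMOTE_HOST and REMOTE_ADDR are
    consulted, so the decision is made about whoever opened the TCP
    connection to the server, which behind a proxy is the proxy itself.
    """
    host = _norm_host(request.get("REMOTE_HOST"))
    addr = (request.get("REMOTE_ADDR") or "").strip()
    for spec in specs:
        spec = spec.strip().lower()
        if not spec:
            continue
        if set(spec) <= set("0123456789.*"):
            # Address spec such as "192.0.2.*": match on whole octets only.
            prefix = spec.rstrip("*.")
            if prefix and addr and (addr == prefix or addr.startswith(prefix + ".")):
                return True
        else:
            # Host spec such as "gouv.fr": match on whole DNS labels only,
            # so "notgouv.fr" does not satisfy "gouv.fr".
            suffix = spec.lstrip("*.").rstrip(".")
            if suffix and host and (host == suffix or host.endswith("." + suffix)):
                return True
    return False


# Constructed sample requests (documentation address ranges, invented hosts).
DIRECT = {"REMOTE_HOST": "pc12.agriculture.gouv.fr", "REMOTE_ADDR": "192.0.2.10"}
VIA_PROXY = {"REMOTE_HOST": "cache1.proxy.example", "REMOTE_ADDR": "198.51.100.7"}
NO_REVERSE_DNS = {"REMOTE_HOST": "", "REMOTE_ADDR": "192.0.2.10"}
LOOKALIKE = {"REMOTE_HOST": "notgouv.fr", "REMOTE_ADDR": "203.0.113.5"}


def evaluate(specs):
    """Run one spec list against all sample requests and return the verdicts."""
    samples = {
        "direct": DIRECT,
        "via_proxy": VIA_PROXY,
        "no_reverse_dns": NO_REVERSE_DNS,
        "lookalike": LOOKALIKE,
    }
    return {name: domain_spec_match(specs, req) for name, req in samples.items()}


if __name__ == "__main__":
    for specs in (["gouv.fr"], ["agriculture.gouv.fr"], ["192.0.2.*"]):
        print(specs, evaluate(specs))
```
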




Re: [Zope] Problems with export

2000-09-09 Thread Dieter Maurer

Gottfried Ryser writes:
 > I tried to export an object with the import/export function, but I got the
 > following error msg.
 > 
 > 
 >   File /usr/local/Zope2/lib/python/ZPublisher/Publish.py, line 112, in
 > call_object
 > (Object: manage_exportObject)
 >   File /usr/local/Zope2/lib/python/OFS/ObjectManager.py, line 463, in
 > manage_exportObject
 > (Object: Traversable)
 >   File /usr/local/Zope2/lib/python/OFS/ObjectManager.py, line 236, in _getOb
 > (Object: Traversable)
 > AttributeError: (see above)

Tim Hicks (URL:mailto:[EMAIL PROTECTED]) recently reported a very
similar looking problem.

Maybe you could join forces to get this problem fixed.



Dieter





Re: [Zope] manage_workspace

2000-09-09 Thread Dieter Maurer

Mechtild Hofmann writes:
 > I'm looking for the source-code from "manage_workspace". Where do I
 > find this file or is it part of a *.py - file ?
It is:

OFS.PropertySheets.View.manage_workspace



Dieter





[Zope] Problems with Product initialization (was: [Zope] SiteRoot (SiteAccess) problem)

2000-09-09 Thread Dieter Maurer

Joshua Brauer writes:
 > No, I unpacked the tarball in the Products directory.
 > 
 > Any more ideas? Any idea how to get SiteRoot to show up on the available items list?
To analyse any problem with product initialization, it is
probably best to start Zope with "STUPID_LOG_FILE=".
Then you will look at 2 places:
  *  the "traceback" in the product's management screen
  *  this log file


Dieter





Re: [Zope] Folderish Properties

2000-09-09 Thread Tim Cook

Tim Cook wrote:
> 
> I have a folderish ZClass with a set of properties. When I create
> an instance via DTML my code doesn't update the properties from
> REQUEST.
> 

I am sending this for the benefit of the archives. Sorry for the
extra traffic. But it may help someone in the future. I know they
are important to me. 

There is no difference between creating 'document-ish' and
'folder-ish' ZClasses. 
I had failed to make the call to   
in my constructor method of all my ZClasses after the first one. 
That's why I THOUGHT there was a difference.

-- Tim Cook --
FreePM Project Coordinator http://www.freepm.org
OS Health Care Alliance Supporter http://www.oshca.org





Re: [Zope] keeping Java Servlets session ids based on url rewriting

2000-09-09 Thread Tino Wildenhain

Hi,

Kapil Thangavelu wrote:
*snip*

> I'm going to start working next weekend on Zope calls into JServ. I'd
> like to get some requirements from interested parties before i start
> coding.
Oh nice! I've done the jserv part of the German Apache book. So if I 
could help...

Regards
Tino





RE: [Zope] keeping Java Servlets session ids based on url rewriting

2000-09-09 Thread Chris McDonough

Albert,

Hmmm.. can you take a step back and restate the problem more generally?
What is the goal?

> -Original Message-
> From: Kapil Thangavelu [mailto:[EMAIL PROTECTED]]
> Sent: Saturday, September 09, 2000 4:59 PM
> To: albert boulanger; [EMAIL PROTECTED]
> Subject: Re: [Zope] keeping Java Servlets session ids based on url
> rewriting
> 
> 
> albert boulanger wrote:
> > 
> > I am using the latest Zope release using ZServer directly (but will be
> > running under Apache)
> > 
> > I need to coordinate Zope based sessions and servlet sessions. We
> > will be using url rewriting (I know use cookies, but we are doing
> > worst case planning.). As you may know the rewritten urls that the
> > servlet does look like http://foo/bar;$$. I need to retain
> > the stuff after the ;.  This seems to be dropped I think in ZServer. I
> > was going to store the servlet session id in a SQLSession object by
> > having the servlet do a response redirect to a dtml method to process
> > the id after the ;.
> > 
> > Will Apache frontending and setting the CGI-vars fix this issue?
> > 
> > A more general question, has anyone worked on the general
> > cross-session issues like this? I think this is a consideration item for
> > the new session support in Zope.
> 
> 
> Would Zope Servlet interaction be useful to you? If so, in what form?
> 
> I'm going to start working next weekend on Zope calls into JServ. I'd
> like to get some requirements from interested parties before I start
> coding.
> 
> Cheers
> 
> Kapil





Re: [Zope] keeping Java Servlets session ids based on url rewriting

2000-09-09 Thread Kapil Thangavelu

albert boulanger wrote:
> 
> I am using the latest Zope release using ZServer directly (but will be
> running under Apache)
> 
> I need to coordinate Zope based sessions and servlet sessions. We
> will be using url rewriting (I know use cookies, but we are doing
> worst case planning.). As you may know the rewritten urls that the
> servlet does look like http://foo/bar;$$. I need to retain
> the stuff after the ;.  This seems to be dropped I think in ZServer. I
> was going to store the servlet session id in a SQLSession object by
> having the servlet do a response redirect to a dtml method to process
> the id after the ;.
> 
> Will Apache frontending and setting the CGI-vars fix this issue?
> 
> A more general question, has anyone worked on the general
> cross-session issues like this? I think this is a consideration item for
> the new session support in Zope.


Would Zope Servlet interaction be useful to you? If so, in what form?

I'm going to start working next weekend on Zope calls into JServ. I'd
like to get some requirements from interested parties before I start
coding.

Cheers

Kapil





[Zope] ZClasses - Base classes

2000-09-09 Thread Philipp Auersperg



I know that one cannot change the base classes of a ZClass after it has been 
created, but my question:
 
How can I just find out / enumerate the base classes of a ZClass?
 
thanks
phil



RE: [Zope] 2d list manipulation

2000-09-09 Thread Stephan Richter

At 03:40 PM 9/9/00 -0500, Tim Russell wrote:
>That's the thing -- It doesn't give any errors, it just doesn't have any
>effect on the value in the array. Weird, no?
>
>--Tim
> > >Nope, still nothing...
> > >
> > > > >
> > > >
> > > > Just try it without the single quotes:
> > > >
> > > > 
> >
> > Can you send me the traceback?

Thinking about it again makes me realize that it will not work, since set 
just sets a variable, but does not take care of assignments. It is a little 
bit hard to explain, maybe someone else can do a better job.
Here is what you would have to do:


   
   
   
   
   


This code is tested and works. But you will see that this is far too 
complicated, that's why I would suggest you use a Python Method or an 
External Method to solve the issue.

Regards,
Stephan
--
Stephan Richter
CBU - Physics and Chemistry Student
Web2k - Web Design/Development & Technical Project Management






RE: [Zope] 2d list manipulation

2000-09-09 Thread Tim Russell

Nope, still nothing...

> >
> 
> Just try it without the single quotes:
> 
> 






Re: [Zope] Looking for Zope vs. Others at-a-glance comparison

2000-09-09 Thread Jason Cunliffe

> > I need to present the arguments for why we have chosen Zope vs. Others.
> > Does anyone know of a clear at-a-glance table or anything with the main
> > contenders, features, price, licensing etc.
>
> You didn't collect this data _before_ choosing Zope? :-)

lol

not really.. back then it seemed obvious to me why to try zope what's
interesting about it:

zope_pros = ['idea', 'free', 'openSource', 'Zserver', 'ZODB', 'x-platform',
             'persistence', 'python', 'DTML', 'community', 'zopezen',
             'scale and scope', 'easy install', 'External Methods',
             '.zexp files']

and what's to watch out for

zope_cons = ['DTML', 'documentation', 'lack of books',
             'lack of demonstrable large commercial or cool sites',
             'lack of visual design sense', 'versionitis', 'zopezen',
             'learning curve', 'DTML interface/edit-test cycle']

...to be clearer in a wide context

As I see it these are the alternative choices:


- Zope
- ColdFusion
- ASP
- Roxen
- Vignette
- AOLserver/ArsDigita
- Manila ?

Do you agree?
What's missing?

For each of above I'd like to fill in the following:

{'name':"", 'features':{},'pro':[],
'con':[] }

where

 = {'OS': [], 'Xplatform':[], 'cost':[], 'sourcecode':[],
'license':[], 'openSource':[],
'version':[], 'scriptinglanguages':[], 'DBconnectivity':[] }

Any takers?

If I was more adept in DTML I could put up a comparative poll page though
I suspect most here would respond like you Nils.

cheers
- Jason







[Zope] 2d list manipulation

2000-09-09 Thread Tim Russell

Hey, I'm having trouble accessing variables in a 2-dimensional list. Here's
the creation code:

   
   
  
  
  
 
  
  
   

This creates a list variable, col, which contains 24 lists, each of which
have  elements of value 0. I can easily access the value of
an element using:

   

However, the difficulty comes when trying to change the value of one of
these elements. I've tried a handful of techniques, mostly offshoots of
this:

   

to no avail. Does anyone have a solution to this? Thanks much...

--Tim






[Zope] keeping Java Servlets session ids based on url rewriting

2000-09-09 Thread albert boulanger


I am using the latest Zope release using ZServer directly (but will be
running under Apache)


I need to coordinate Zope based sessions and servlet sessions. We
will be using url rewriting (I know use cookies, but we are doing
worst case planning.). As you may know the rewritten urls that the
servlet does look like http://foo/bar;$$. I need to retain
the stuff after the ;.  This seems to be dropped I think in ZServer. I
was going to store the servlet session id in a SQLSession object by
having the servlet do a response redirect to a dtml method to process
the id after the ;.

Will Apache frontending and setting the CGI-vars fix this issue?

A more general question, has anyone worked on the general
cross-session issues like this? I think this is a consideration item for
the new session support in Zope.

Regards,
Albert Boulanger
[EMAIL PROTECTED]

From Zope:
Try this

http://www.zope.org/Members/aboulang/printresponse;f


aboulang 
form

cookies

other
AUTHENTICATION_PATH  
URL0 http://www.zope.org/Members/aboulang/printresponse 
TraversalRequestNameStack [] 
SiteRootPATH / 
VirtualRootPhysicalPath ('',) 
URL http://www.zope.org/Members/aboulang/printresponse 
AUTHENTICATED_USER Anonymous User 
SERVER_URL http://www.zope.org 
URL0 http://www.zope.org/Members/aboulang/printresponse 
URL1 http://www.zope.org/Members/aboulang 
URL2 http://www.zope.org/Members 
URL3 http://www.zope.org 
BASE0 http://www.zope.org 
BASE1 http://www.zope.org 
BASE2 http://www.zope.org/Members 
BASE3 http://www.zope.org/Members/aboulang 
BASE4 http://www.zope.org/Members/aboulang/printresponse 

environ
HTTP_ACCEPT_ENCODING gzip, deflate 
channel.creation_time 968523573 
SERVER_PROTOCOL 1.0 
SERVER_PORT 1380 
PATH_INFO /Members/aboulang/printresponse 
HTTP_HOST www.zope.org:1380 
REQUEST_METHOD GET 
PATH_TRANSLATED /Members/aboulang/printresponse 
SCRIPT_NAME  
SERVER_SOFTWARE Zope/(unreleased version) ZServer/1.1b1 
HTTP_ACCEPT_LANGUAGE en-us 
REMOTE_ADDR 209.67.167.55 
SERVER_NAME localhost.localdomain 
GATEWAY_INTERFACE CGI/1.1 
HTTP_USER_AGENT Mozilla/4.0 (compatible; MSIE 5.01; Windows 98) 
HTTP_ACCEPT image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, 
application/vnd.ms-excel, application/msword, application/vnd.ms-powerpoint, */* 








RE: [Zope] Import from file via management-interface

2000-09-09 Thread Steve Drees

> you can write anything destructive, whether it is an external method, a DTML
> Method, or basically anything.  At least if the only way you can import .zexp's
> is from the import directory, then only people with access to the zope file
> structure can import stuff...that will usually be restricted to system
> administrators or superuser people.

But if there was a Can Import From Web role then you could control who
could import and who couldn't. Granular Security is a strong point of Zope.
We should strive to use it.






RE: [Zope] Is Squishdot ready for prime time?

2000-09-09 Thread Farrell, Troy

I don't know about squishdot, but making DA's work with Zope on NT has been
giving me fits.  Plan plenty of setup time.  Oh, how I wish I could use
*n(u/i)x.  I think I'll sneak it on to the dev server.

Troy
Troy Farrell
Video Operations Technician II
Williams VYVX Services
918.573.3029
918.573.1441 fax
mailto:[EMAIL PROTECTED]
http://www.williams.com


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Friday, September 08, 2000 11:35 PM
To: Andy McKay
Cc: [EMAIL PROTECTED]
Subject: Re: [Zope] Is Squishdot ready for prime time?



use at work = I will recommend using it and do the work of setting it up
on an NT  (ugh) box and claim it can be relied upon for a medium level (I
don't know how much really) of traffic.

Say aren't you guys the people who embrace and extend perl:>?


  
John Holland
- ---

Email:   [EMAIL PROTECTED]
Web: http://jbhsoft.linuxave.net
Public key : finger -s or
 http://jbhsoft.linuxave.net/pubkey.html

On Fri, 8 Sep 2000, Andy McKay wrote:

Absolutely, totally. Could you be a little more specific than "use at work",
that could mean anything.

- - Original Message -
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 08, 2000 6:00 PM
Subject: [Zope] Is Squishdot ready for prime time?


>
> I'm thinking of recommending it for use at work. Is it reliable?
>
>
> John Holland
> - ---
>
> Email:   [EMAIL PROTECTED]
> Web: http://jbhsoft.linuxave.net
> Public key : finger -s or
>  http://jbhsoft.linuxave.net/pubkey.html
>






Re: [Zope] Macintosh Zope.

2000-09-09 Thread Steve Spicklemire


Hi Steve,

I've been running Zope-2.2 on my powerbook under MacOSX DP4 quite
happily.  My only problem now is lack of MySQL ;-). I don't think
there's much hope of Zope on MacOS 8/9 due to the lack of proper
thread support. I did manage to get Medusa/Bobo working on MacOS-8, a
*long* time ago... but that was before threading was added ... and it
was horribly slow.  There should be a public beta of MacOS-X out soon..
and it runs Zope just fine. (There is some monkey business with gcc
command link options that are different from the defaults
(e.g., '-LDFLAGS=undefined-suppress') to make the linker
happy... take a look at: 

http://www.zope.org/Members/jshell/buildingZopeOnMacOSXServer

)

Good Luck!
-steve






[Zope] My z Class

2000-09-09 Thread Karl Munroe

 I am having problems adding images to my z class
 I am creating a Z class for a staff profile...I have added an image to the
methods of the class. When editing and creating a new profile object I use
the following syntax

 

 It changes to the MYProfileClass_add_form take place. When I call the above
code in the add method..I get an error telling me I do not have access
to the MYProfileClass object..

 Please I would like some help on how to include other objects in my Z class
and how to edit the properties of the included objects. Paying attention to
the image example






Re: [Zope] Import from file via management-interface

2000-09-09 Thread Martijn Pieters

On Sat, Sep 09, 2000 at 03:54:25PM +0200, Tino Wildenhain wrote:
> > The problem is not so much ownership of the objects imported, but the type
> > of objects that can be instantiated from a pickle (the export format
> > whether XML or binary, consists of pickled classes).
> > 
> > You can create _everything_ from a pickle, as long as there is a class
> > definition for it; including a monitor client. I can open up a high port
> > on your machine that'll let me connect to your Zope process in a python
> > interpreter prompt. Then your server is my oyster.
> 
> That's badly true, but importing of a whole bunch of objects is also 
> often needed. IIRC does pickle only handle instance data but not
> class code. (although I see using of marshal in the import code
> which does in fact import code as opposite to pickle)
> Importing instance data should not be a problem since it can only work
> if the user in question has access to the classes. 
> This access is already handled by permissions.

No it isn't. Web access to class instances is handled by permissions.
Unpickling will cause class instantiation in the python process, where you
have no control over what gets created. You can create a custom
unpickling class, but one that would handle the Zope range of objects
would be, in Jim's words "tricky".

> Moreover we could restrict importing via web to the superuser at all.

This would completely defeat your idea that people besides the superuser
should be able to import. Apart from being a security risk.

> > Allowing imports from arbitrary paths will let me exploit security holes
> > in other internet daemons on your machine to create a pickle file for
> > import; preferably the /tmp directory as it is world writeable.
> > Restricting imports to one directory allows you to be much more
> > restrictive as to who can write there.
> > 
> > You can set up restricted FTP access or even only allow scp (ssh encrypted
> > file transfer) for trusted people to upload exports to the Zope import
> > directory if you need to give others import rights.
> 
> Uh, do you know any ssh-daemon for windows? ;-)

Sorry, no, but that's because I never looked. I am sure there are other
secure options for file transfer for Win32 available though.

-- 
Martijn Pieters
| Software Engineer  mailto:[EMAIL PROTECTED]
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
| ZopeStudio: http://www.zope.org/Products/ZopeStudio
-
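
The "custom unpickling class" mentioned in the message above, sketched as an added example with present-day Python 3 (`pickle.Unpickler.find_class`); it is not code from the thread or from Zope. The allow-list, the helper names and the sample payloads are constructed for illustration, with standard-library classes standing in for Zope object classes.

```python
"""Allow-list unpickler: refuse any class or callable the import did not expect."""
import collections
import datetime
import fractions
import io
import pickle

# Assumed import policy: the only globals an imported file may reference.
# Everything else that has an importable definition is refused, which is the
# control that plain pickle.loads() does not give you.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("datetime", "date"),
}


class AllowListUnpickler(pickle.Unpickler):
    """Unpickler that resolves a global only if it is on the allow-list."""

    def find_class(self, module, name):
        # find_class() is called for every class or function the stream
        # refers to, before anything is instantiated or called.
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError("blocked global %s.%s" % (module, name))
        return super().find_class(module, name)


def restricted_loads(data):
    """Load `data` with the allow-list applied; raises UnpicklingError on a miss."""
    return AllowListUnpickler(io.BytesIO(data)).load()


def check_import(data):
    """Return (True, obj) if the stream is acceptable, else (False, reason)."""
    try:
        return True, restricted_loads(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


# Constructed sample export files. Plain containers, strings and numbers never
# reach find_class(); only references to classes and functions do.
EXPECTED = pickle.dumps(
    collections.OrderedDict(title="Index", modified=datetime.date(2000, 9, 9))
)
# A class the importer never meant to accept (harmless stand-in).
UNEXPECTED_CLASS = pickle.dumps({"title": "Index", "extra": fractions.Fraction(1, 3)})
# A reference to a callable rather than to instance data (harmless stand-in).
CALLABLE_REFERENCE = pickle.dumps([print])


if __name__ == "__main__":
    for label, blob in (
        ("expected", EXPECTED),
        ("unexpected class", UNEXPECTED_CLASS),
        ("callable reference", CALLABLE_REFERENCE),
    ):
        print(label, "->", check_import(blob))
```

The allow-list has to name every global that each permitted object's pickled form refers to, which is where handling a full range of application classes becomes laborious.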





Re: [Zope] Import from file via management-interface

2000-09-09 Thread Tino Wildenhain

Hi,

Martijn Pieters wrote:
> 
> On Sat, Sep 09, 2000 at 09:39:33AM +0200, Tino Wildenhain wrote:
> > Terry Kerr wrote:
> > >
> > > you can write anything destructive, whether it is an external method, a DTML
> > > Method, or basically anything.  At least if the only way you can import .zexp's
> > > is from the import directory, then only people with access to the zope file
> > > structure can import stuff...that will usually be restricted to system
> > > administrators or superuser people.
> >
> > Hm. I don't see the point here. First you can restrict the ability to
> > Export/Import in the users role.
> > Second, either the superuser has to be bothered with imports or
> > you have to grant all the people access to the file system.
> > This would be much lesser security as being able to import via web.
> >
> > Maybe I should have a deeper look at the ownership-problem.
> >
> > Giving the importing user ownership over all objects (s)he imports
> > as long it is not the superuser, should do the trick.
> 
> The problem is not so much ownership of the objects imported, but the type
> of objects that can be instantiated from a pickle (the export format
> whether XML or binary, consists of pickled classes).
> 
> You can create _everything_ from a pickle, as long as there is a class
> definition for it; including a monitor client. I can open up a high port
> on your machine that'll let me connect to your Zope process in a python
> interpreter prompt. Then your server is my oyster.

That's badly true, but importing of a whole bunch of objects is also 
often needed. IIRC does pickle only handle instance data but not
class code. (although I see using of marshal in the import code
which does in fact import code as opposite to pickle)
Importing instance data should not be a problem since it can only work
if the user in question has access to the classes. 
This access is already handled by permissions.

Moreover we could restrict importing via web to the superuser at all.

> Allowing imports from arbitrary paths will let me exploit security holes
> in other internet daemons on your machine to create a pickle file for
> import; preferably the /tmp directory as it is world writeable.
> Restricting imports to one directory allows you to be much more
> restrictive as to who can write there.
> 
> You can set up restricted FTP access or even only allow scp (ssh encrypted
> file transfer) for trusted people to upload exports to the Zope import
> directory if you need to give others import rights.

Uh, do you know any ssh-daemon for windows? ;-)

Regards ;-)
Tino





Re: [Zope] Looking for Zope vs. Others at-a-glance comparison

2000-09-09 Thread Nils Kassube

Jason Cunliffe wrote:

> I need to present the arguments for why we have chosen Zope vs. Others. 
> Does anyone know of a clear at-a-glance table or anything with the main
> contenders, features, price, licensing etc.

You didn't collect this data _before_ choosing Zope? :-)

Cheers,
Nils
--
[EMAIL PROTECTED]
[EMAIL PROTECTED] (preferred)
[EMAIL PROTECTED]







Re: [Zope] locale and Splitter.c on FreeBSD - where is the bug ?

2000-09-09 Thread Oleg Broytmann

On Sat, 9 Sep 2000, Aleksander Salwa wrote:
> Some time ago I had a problem with locales on FreeBSD.
> Finally, I solved it by patching Splitter.c.
> 
> I added casting of values passed to functions isalpha, isalnum to
> type 'unsigned char'. They are declared in Splitter.c as 'char'.
> 
> On all machines I'm working on, 'char' is signed.
> On Linux/x86, isalpha and others work fine with positive and negative
> values of national characters. (For example, one Polish character is
> '\xc6', what can be evaluated as unsigned 198, or signed -58.)
> But on FreeBSD/x86 these functions work only with values >127.
> Because 'char' is signed, it needs casting to work with national
> characters.
> 
> Now, the question is: is it a bug in Splitter.c or in FreeBSD system
> libraries ? (or misconfigured system)

   It is a bug in Linux libraries! They tricked you to think it is the right way,
but it is actually the wrong way. FreeBSD (in this aspect) is better, more
strict (there are aspects where Linux clearly wins :).
   Compile Zope with gcc -funsigned-char on FreeBSD.

Oleg.
 
 Oleg Broytmann    http://phd.pp.ru/    [EMAIL PROTECTED]
   Programmers don't die, they just GOSUB without RETURN.






[Zope] Looking for Zope vs. Others at-a-glance comparison

2000-09-09 Thread Jason Cunliffe

Hello

I need to present the arguments for why we have chosen Zope vs. Others.

Does anyone know of a clear at-a-glance table or anything with the main
contenders, features, price, licensing etc.

Thanks
- Jason

Jason CUNLIFFE = NOMADICS.(Interactive Art and Technology).Design Director







RE: [Zope] Using Chinese Characters

2000-09-09 Thread Christian Wittern

Hi there,

I am using Zope successfully with Chinese (Traditional) on Windows. For
forward compatibility, I am storing it as UTF-8, which is one storage format
for Unicode/ISO 10646 (aka as UCS). It used to work nice until Zope 2.2,
where some of the display got mangled. I submitted a patch to the Collector
to fix this problem some weeks ago, so hopefully this will go away in the
future. Another thing is being able to use ZCatalog: I privately patched
the splitter program, which is used to split strings into words. I am not
yet satisfied with the solution, that's why I did not go public with it.
It's also only tested on my Windows box.

All the best,

Christian

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf
> Of Tino Wildenhain
> Sent: Friday, September 08, 2000 3:18 AM
> To: Kelvin Cheong
> Cc: [EMAIL PROTECTED]
> Subject: Re: [Zope] Using Chinese Characters
>
>
> Hi Kelvin,
>
> Kelvin Cheong wrote:
> >
> > I was wondering how I can use Chinese characters with Zope on Linux. Does
> > anyone know how? According to my "mild" research so far, I found out that
> > Big5 is a 2-byte code and is a part of ISO-10646/Unicode. It also seems to
> > be the de-facto for traditional Chinese characters. There're also Unicode
> > CJK and GB. But GB is for China, which uses simplified Chinese characters.
> > And CJK includes both Big5 and GB.
>
> classic zope is built on python 1.52 and does not naturally support
> unicode.
> But there is a light on the horizon:
>
> http://www.zope.org/Members/htrd/wstring
>
> I have a vision of everything working together for localizing and
> internationalisation ;-)
>
> Regards
> Tino
>






[Zope] Replace function

2000-09-09 Thread administrator

Hello,
how can I replace an expression within a page or a folder?
Thanks in advance.
  Arno Gross
  consotec
  [EMAIL PROTECTED]



Re: [Zope] Import from file via management-interface

2000-09-09 Thread Martijn Pieters

On Sat, Sep 09, 2000 at 09:39:33AM +0200, Tino Wildenhain wrote:
> Terry Kerr wrote:
> > 
> > you can write anything destructive, whether it is an external method, a DTML
> > Method, or basically anything.  At least if the only way you can import .zexp's
> > is from the import directory, then only people with access to the zope file
> > structure can import stuff...that will usually be restricted to system
> > administrators or superuser people.
> 
> Hm. I don't see the point here. First you can restrict the ability to
> Export/Import in the user's role.
> Second, either the superuser has to be bothered with imports or
> you have to grant all the people access to the file system.
> This would be much less security than being able to import via web.
> 
> Maybe I should have a deeper look at the ownership-problem.
> 
> Giving the importing user ownership over all objects (s)he imports
> as long it is not the superuser, should do the trick.

The problem is not so much ownership of the objects imported, but the type
of objects that can be instantiated from a pickle (the export format,
whether XML or binary, consists of pickled classes).

You can create _everything_ from a pickle, as long as there is a class
definition for it; including a monitor client. I can open up a high port
on your machine that'll let me connect to your Zope process in a python
interpreter prompt. Then your server is my oyster.

Allowing imports from arbitrary paths will let me exploit security holes
in other internet daemons on your machine to create a pickle file for
import; preferably the /tmp directory as it is world writeable.
Restricting imports to one directory allows you to be much more
restrictive as to who can write there. 

You can set up restricted FTP access or even only allow scp (ssh encrypted
file transfer) for trusted people to upload exports to the Zope import
directory if you need to give others import rights.

-- 
Martijn Pieters
| Software Engineer  mailto:[EMAIL PROTECTED]
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
| ZopeStudio: http://www.zope.org/Products/ZopeStudio
-
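
The two controls discussed in the message above (limiting which classes a pickle may instantiate, and confining imports to one directory), as an added example that is not part of the original post and is not Zope's import code. It uses the `pickle` module of current Python 3; `ALLOWED_GLOBALS`, `AllowlistUnpickler`, `safe_loads`, `is_blocked` and `resolve_import_path` are hypothetical names, and the sample pickles are constructed.

```python
import io
import os
import pickle
from collections import OrderedDict
from fractions import Fraction

# Assumption: the only globals an import file may name (hypothetical allowlist).
ALLOWED_GLOBALS = {("collections", "OrderedDict")}


class AllowlistUnpickler(pickle.Unpickler):
    """Refuse every class or function that is not explicitly allowlisted."""

    def find_class(self, module, name):
        if (module, name) not in ALLOWED_GLOBALS:
            raise pickle.UnpicklingError(f"blocked global {module}.{name}")
        return super().find_class(module, name)


def safe_loads(data):
    """Deserialize bytes, resolving only allowlisted globals."""
    return AllowlistUnpickler(io.BytesIO(data)).load()


def is_blocked(data):
    """True if the allowlist unpickler rejects the pickle."""
    try:
        safe_loads(data)
    except pickle.UnpicklingError:
        return True
    return False


def resolve_import_path(import_dir, filename):
    """Return the real path of filename only if it stays inside import_dir."""
    base = os.path.realpath(import_dir)
    target = os.path.realpath(os.path.join(base, filename))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"{filename!r} resolves outside the import directory")
    return target


# Constructed samples: ALLOWED names only an allowlisted class; OTHER names
# fractions.Fraction, a harmless class that plain pickle.loads would resolve
# simply because a definition for it is importable.
ALLOWED = pickle.dumps(OrderedDict(title="index_html"))
OTHER = pickle.dumps(Fraction(1, 3))
```

The path check resolves symlinks before comparing, but it only helps if write access to the import directory itself is restricted, as the message says.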





[Zope] German version of zzLocale

2000-09-09 Thread administrator

Hello,

is someone working on a German version of zzLocale?
We would like to join.
Currently there is a static translation of the whole
interface with zzLocale. So it's difficult to change. If
you change something in one language you have to change it in all other files too.
What about an integration of zzLocale
with ZBabel? How could we do that?

Regards
  Arno Gross
  consotec
  [EMAIL PROTECTED]



[Zope] Request For INFO

2000-09-09 Thread Marc DANAI

Hi,

 I would like to make a site with the following
features but I don't know which products to use:

 - one editorial part with the list of projects,
 - new user can register himself,
 - registered user can add new project. The project
   can be in any format (doc, ppt, html, ...),
 - link for meeting,
 - link for forum of discussion,
 - manager is alerted when new user comes,
 - manager is alerted when new project is added,
 - link for feed-back,
 - users and projects are categorized by country,
 - search box.

I see a lot of products on the Zope site but don't know which
one(s) are adapted to do this site more easily?

Thanks





Re: [Zope] Import from file via management-interface

2000-09-09 Thread Tino Wildenhain

Hi Terry,

Terry Kerr wrote:
> 
> you can write anything destructive, whether it is an external method, a DTML
> Method, or basically anything.  At least if the only way you can import .zexp's
> is from the import directory, then only people with access to the zope file
> structure can import stuff...that will usually be restricted to system
> administrators or superuser people.

Hm. I don't see the point here. First you can restrict the ability to
Export/Import in the user's role.
Second, either the superuser has to be bothered with imports or
you have to grant all the people access to the file system.
This would be much less security than being able to import via web.

Maybe I should have a deeper look at the ownership-problem.

Giving the importing user ownership over all objects (s)he imports
as long it is not the superuser, should do the trick.

Regards
Tino





[Zope] locale and Splitter.c on FreeBSD - where is the bug ?

2000-09-09 Thread Aleksander Salwa


Some time ago I had a problem with locales on FreeBSD.
Finally, I solved it by patching Splitter.c.

I added casting of values passed to functions isalpha, isalnum to
type 'unsigned char'. They are declared in Splitter.c as 'char'.

On all machines I'm working on, 'char' is signed.
On Linux/x86, isalpha and others work fine with positive and negative
values of national characters. (For example, one Polish character is
'\xc6', which can be evaluated as unsigned 198, or signed -58.)
But on FreeBSD/x86 these functions work only with values >127.
Because 'char' is signed, it needs casting to work with national
characters.

Now, the question is: is it a bug in Splitter.c or in FreeBSD system
libraries ? (or misconfigured system)


[EMAIL PROTECTED]

/--\
| `long long long' is too long for GCC |
\--/






Re: [Zope] Import from file via management-interface

2000-09-09 Thread Tino Wildenhain

Hi Bill,

Bill Anderson wrote:
> 
> How about just the patch next time, as opposed to the whole patched file?
Ah yes, sure. On the other hand it's more convenient for the Windows
people, without a patch at hand...

regards
Tino
