[Zope-dev] help identifying a structure inside Zope.
I'm hunting for a very very obscure python-crashing bug on Solaris with Zope2.4 on Python2.1.1. The structure that's getting corrupted looks something like: 299, (300, (301, (302, (303, ( 304, ( 3, c_o_s ) ) ) ) ) ) (nested tuples) I'm wondering if anyone can think of somewhere inside Zope that generates this sort of structure? c_o_s is a string we use in our code as a property, a database column, and a REQUEST variable. As far as we can tell, it's not something being generated by our code... Thanks, Anthony -- Anthony Baxter [EMAIL PROTECTED] It's never too late to have a happy childhood. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] problem to rename folder
Johan Beauce wrote: Hello, I have a little problem. I use this function to rename an object in my site (file or folder). It work perfectly with file but I have an error when I try to rename a folder I think the error is from PARENT[0], so do you have a solution ??? dtml-let objRename=_.getattr(PARENTS[0], _['idName']) dtml-call objRename.manage_renameObjects([idName],[newId],getWay(REQUEST.PATH_INFO)) /dtml-let Thanks a lot, Johan. Johan, You sent this message to the [EMAIL PROTECTED] list and also to the [EMAIL PROTECTED] list. Do not do that. Send your message to one mailing list only. Because your message is about using Zope and DTML rather than developing the internals of Zope, your should have sent your message to only the [EMAIL PROTECTED] list. This email and any files transmitted with it are CONFIDENTIAL and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorised copying, disclosure, or distribution of the material within this email is strictly forbidden. Do you realize that you just sent this email to a public mailing list, with archives available on the world wide web? -- Steve Alexander Software Engineer Cat-Box limited ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Versions (still)
So there I was in this discussion about Zope versioning (again) and there were two features requested that seemed perfectly reasonable at the time, - to have a list of all the objects changed by a version Sorry if this is obvious, but at least neither ZopeFind nor locked_in_version() seem to be mentioned anywhere in zope's (2.3.3) online docu, so I thought I might post it: dtml-in ZopeFind(PARENTS[-1],search_sub=1,obj_expr='locked_in_version()') LIfound dtml-var title_or_id html_quote in Version dtml-var locked_in_version /dtml-in - to be able to individually commit or discard changes in a version on a per object basis This is would be extremely useful for those times when you forget to check out of a version and accidentally lock the root folder (This happens quite a bit). Simple I thought, but ugh versions go all the way down to FileStorage and got into ZODB stuff I didnt understand. I would have thought having a little refactoring to give two more methods: getVersionContents and commitObject would be possible, but Im scratching my head at FileStorage now. Hehe, I feel with you, looking at how versions work takes one straight to Filestorage.commitVersion and some very low level code. Before I embark down this path is there an easier way? The question is if this is worth the effort, in the light of the new versioning discussion. The weaknesses of the current implementation of versioning puts some pressure to create something new IMO. cheers, oliver ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: Install doesn't start properly
R. David Murray wrote: On Mon, 22 Oct 2001, Martijn Pieters wrote: First, actually, untarring as root sets the ownership of a lot of the stuff in my solaris bindist to 506:100 (brian:users, it says in the listing.) Default behaviour when using tar as root; it'll preserve the UID and GID of the person that created the tar. Just FYI, this works right (IMO) under FreeBSD: files untarred as root are owned by root unless you use the p flag. Of course, this note only applies if you are just handling this item via doc changes; if you have install do the chown, it's moot. I'm still wrestling with myself over whether or not this is an issue that needs to be addressed by the install script. On one hand, it really is the administrator's responsibility to check ownership and permissions. On the other hand, just about every other mature open source package out there installs and operates somewhere *other* than its source tree, setting permissions and ownerships as it goes. :-/ I will probably add it to the massive patch I'm working on and see what kind of reception it gets... (ObMozillaBug: while I was typing the first paragraph, a display bug showed me that I was, in fact, wrestling with my elf.) -- Matt Behrens [EMAIL PROTECTED] System Analyst, Baker Furniture ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] startup security status (say that five times fast... well, ok, it wasn't so tough after all)
I have a patch in hand that addresses MOST of the issues I brought up, but the biggie (tricking root into killing arbitrary processes) is a hard one to solve. I have many options, and I'd like opinions... Right now, the pid file is written out by the user that ZServer drops to after starting. This is bad because if that user is compromised, the pid file can be overwritten, and root can be tricked into killing (an) arbitrary process(es) the next time 'stop' is run. The obvious solution was to move the writing of the file up before the setuid() call. Now, the unprivileged user can't *change* the pid file. However, because the var directory must be writable by the unprivileged user, the unprivileged user can *remove* then *rewrite* the pid file, and we're back where we started. Solutions: 1. Have the stop script check ownership of the pid file to make sure it's still root's baby. This solution seems easiest, but something about it doesn't seem right to me. When something doesn't feel right to me, there's probably a way to fool it... 2. Enforce the sticky bit on the var directory. From Solaris' chmod(2) manpage: If a directory is writable and has S_ISVTX (the sticky bit) set, files within that directory can be removed or renamed only if one or more of the following is true (see unlink(2) and rename(2)): o the user owns the file o the user owns the directory o the file is writable by the user o the user is a privileged user (Privileged user means 'root'.) We only need to enforce the sticky bit if we start as root and are doing the requisite setuid(). My patch already has a test for this. 3. Have the pid file written into another directory that only root can write to. The rest of this should probably be another mail, but I figured I'd cover what my patch also does: 1. No longer defaults to running as 'nobody'. As I've explained, running as 'nobody' and the requisite permission settings that need to go with running as 'nobody' can set your Zope data up for compromise on your local system. If -u is not specified z2.py will SystemExit. 2. Warns you if you decide that you REALLY want to run as 'nobody', either with -u or by being nobody when starting z2. 3. Tells you when and who it actually setuid()s to. 4. Warns you if your umask isn't sufficient to protect your data files (experiment: pack your Data.fs and check its permissions.) All messages in this patch are going through zLOG for cleanliness' sake. -- Matt Behrens [EMAIL PROTECTED] System Analyst, Baker Furniture ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] STX and nested colorising (was underline symbology)
Andreas Jung [EMAIL PROTECTED] writes: Feel free to provide a patch and unittests *wink* I was about to send a patch, but as I was putting it through its paces, I realised that, depending on the ordering of the list 'DocumentClass.text_types', I could either underline emphasised text (*_foo_*) or emphasise underlined text (_*foo*_) but not both. My brief examination of the code leads me to think this must be the case for all nested colorisation: you can nest a colorisation within one that occurs earlier in text_types but in one that occurs later. Am I correct? --- Alastair ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] BUG or FEATURE?
Yes. I was having problem with zope getting values from a property with the same name as a field of a form ive submitted instead of the request. So, using dtml-with REQUEST solved the problem, but then there is this problem. But i still dont understand why the first time i call REQUEST.set, and use dtml-var variable the variable has the value i set, and subsequent calls to REQUEST.set modify REQUEST['variable'] but not variable. This is not right for what i think. Or it modify the variable ALL the times or NONE. Do you agree? Em Tuesday 23 October 2001 20:37, Andy McKay escreveu: Its the dtml-with REQUEST, that mucks up the namespace lookup for value dtml-with REQUEST dtml-in [1,2,3] dtml-call REQUEST.set('value', _['sequence-item']) Doesnt work:dtml-var value, works: dtml-var REQUEST['value'] /dtml-in /dtml-with But with REQUEST is a rather wierd thing to do. Are you sure you want to do that? Cheers. -- Sidnei da Silva X3ng Consultoria e Desenvolvimento Ltda. [EMAIL PROTECTED] ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] STX and nested colorising (was underline symbology)
I assume you are right but I have not tried it yet. Andreas - Original Message - From: Alastair Burt [EMAIL PROTECTED] To: Andreas Jung [EMAIL PROTECTED] Cc: R. David Murray [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, October 24, 2001 08:14 Subject: [Zope-dev] STX and nested colorising (was underline symbology) Andreas Jung [EMAIL PROTECTED] writes: Feel free to provide a patch and unittests *wink* I was about to send a patch, but as I was putting it through its paces, I realised that, depending on the ordering of the list 'DocumentClass.text_types', I could either underline emphasised text (*_foo_*) or emphasise underlined text (_*foo*_) but not both. My brief examination of the code leads me to think this must be the case for all nested colorisation: you can nest a colorisation within one that occurs earlier in text_types but in one that occurs later. Am I correct? --- Alastair ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] help identifying a structure inside Zope.
I'd be tempted to suspect the BTrees module setstate code. Anthony Baxter wrote: I'm hunting for a very very obscure python-crashing bug on Solaris with Zope2.4 on Python2.1.1. The structure that's getting corrupted looks something like: 299, (300, (301, (302, (303, ( 304, ( 3, c_o_s ) ) ) ) ) ) (nested tuples) I'm wondering if anyone can think of somewhere inside Zope that generates this sort of structure? c_o_s is a string we use in our code as a property, a database column, and a REQUEST variable. As far as we can tell, it's not something being generated by our code... Thanks, Anthony -- Anthony Baxter [EMAIL PROTECTED] It's never too late to have a happy childhood. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) -- Chris McDonoughZope Corporation http://www.zope.org http://www.zope.com Killing hundreds of birds with thousands of stones ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] help identifying a structure inside Zope.
Chris McDonough wrote I'd be tempted to suspect the BTrees module setstate code. Yeah? This is something that you'd expect to see with it? Anthony -- Anthony Baxter [EMAIL PROTECTED] It's never too late to have a happy childhood. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] help identifying a structure inside Zope.
Maybe... it's a guess. Anthony Baxter wrote: Chris McDonough wrote I'd be tempted to suspect the BTrees module setstate code. Yeah? This is something that you'd expect to see with it? Anthony -- Chris McDonoughZope Corporation http://www.zope.org http://www.zope.com Killing hundreds of birds with thousands of stones ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] BUG or FEATURE?
On Wed, 24 Oct 2001, Sidnei da Silva wrote: But i still dont understand why the first time i call REQUEST.set, and use dtml-var variable the variable has the value i set, and subsequent calls to REQUEST.set modify REQUEST['variable'] but not variable. This is not right for what i think. Or it modify the variable ALL the times or NONE. Do you agree? I agree. It looks like a bug to me grin. I think the correct behavior would be for all the sets to work, regardless of the with. My guess is that if you look in the code you'll find some weird interaction happening between the namespace stack code and acquisition. And by the way, I was under the impression that the dtml-with REQUEST idom was a pretty common way to handle just the case you chose it for. In fact, I think that idom appears in DC code here and there, though I could be misremembering that part. --RDM ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: [Bug+Patch] Microseconds in DateTime
[Sent to main list, ignored. Retrying here...] OK, so nobody cares. Anyway, the BugCollector is down, what is a poor guy to do to get the fix in? Of course, if it is a very stupid thing to do, I would really like to know. :^) Thanks. -- Mozilla will be around long after nobody can remember just quite what Internet Explorer actually used to be. AirLace on Slashdot Nicola Larosa - [EMAIL PROTECTED] ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Versions (still)
dtml-in ZopeFind(PARENTS[-1],search_sub=1,obj_expr='locked_in_version()') LIfound dtml-var title_or_id html_quote in Version dtml-var locked_in_version /dtml-in Yep I've done that, but looking through every object to see if its in the version rather than examining the versions seems some what icky (and can be expensive with lots of objects). Hehe, I feel with you, looking at how versions work takes one straight to Filestorage.commitVersion and some very low level code. Yup. Hence the post. The question is if this is worth the effort, in the light of the new versioning discussion. The weaknesses of the current implementation of versioning puts some pressure to create something new IMO. Yup, unfortunately I might be in a battle for Zope where time is of the essence. I was just hoping there was an easy way. Sounds like there isn't. -- Andy McKay ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] CoreSessionTracking onStart
Hi, I am trying to use the onStart method of a session data manager But I do not get how to give the path so that my method get called... I could not find any information of the real way to use it. Can someone help me ? Thanks -- Godefroid Chapelle BubbleNet sprl rue Victor Horta, 30 1348 Louvain-la-Neuve Belgium Tel + 32 (10) 457490 Mob + 32 (477) 363942 TVA 467 093 008 RC Niv 49849 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] ZCatalog bug, probably BTrees, what Zope version is this fixed in?
Hi, I have a ZCatalog search that returns 213 results. As soon as I add a sort_on and sort_order to the request doing this search, the number of results drops to about 60. This reminds me of some bugs in the BTrees package that I remember being solved in the not too distant past. Can someone please confirm to me what version of Zope I need to use to get these fixes? If it's not in a release yet, _please_ can it make it for 2.4.2. cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: CoreSessionTracking onStart
Have you read the CST documentation? Particularly the Using Session onStart and onEnd Events section? - Original Message - From: Godefroid Chapelle [EMAIL PROTECTED] To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Wednesday, October 24, 2001 11:31 AM Subject: CoreSessionTracking onStart Hi, I am trying to use the onStart method of a session data manager But I do not get how to give the path so that my method get called... I could not find any information of the real way to use it. Can someone help me ? Thanks -- Godefroid Chapelle BubbleNet sprl rue Victor Horta, 30 1348 Louvain-la-Neuve Belgium Tel + 32 (10) 457490 Mob + 32 (477) 363942 TVA 467 093 008 RC Niv 49849 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: [Bug+Patch] Microseconds in DateTime
Nicola Larosa wrote: [Sent to main list, ignored. Retrying here...] OK, so nobody cares. Anyway, the BugCollector is down, what is a poor guy to do to get the fix in? Of course, if it is a very stupid thing to do, I would really like to know. :^) Just to voice an opinion, I like the patch and I think it should go in. Now what really matters is if someone with CVS commit powers agree with me :-) cheers, Leo ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] startup security status (say that five times fast... well, ok, it wasn't so tough after all)
Behrens Matt - Grand Rapids wrote: [snipped enlightening description of the zope user writable z2.pid problem] Solutions: 1. Have the stop script check ownership of the pid file to make sure it's still root's baby. This solution seems easiest, but something about it doesn't seem right to me. When something doesn't feel right to me, there's probably a way to fool it... 2. Enforce the sticky bit on the var directory. From Solaris' chmod(2) manpage: If a directory is writable and has S_ISVTX (the sticky bit) set, files within that directory can be removed or renamed only if one or more of the following is true (see unlink(2) and rename(2)): o the user owns the file o the user owns the directory o the file is writable by the user o the user is a privileged user (Privileged user means 'root'.) We only need to enforce the sticky bit if we start as root and are doing the requisite setuid(). My patch already has a test for this. 3. Have the pid file written into another directory that only root can write to. I don't like 1 either because it looks too complicated for a security issue solution. Security solutions should be extremely simple so that they can be made easily debugable and ... (/me looks at Zope security machinery source code)... never mind :-) Anyway, 3 looks more aesthetically pleasing to me, mainly because it requires the least amount of code, but I can live with number 2. Overall, I like the way you are going with this patch. Keep the good work :-) cheers, Leo ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] startup security status (say that five times fast... well, ok, it wasn't so tough after all)
I opted for #2, since it requires no changes to existing start/stop scripts. 2. Enforce the sticky bit on the var directory. From Solaris' chmod(2) manpage: If a directory is writable and has S_ISVTX (the sticky bit) set, files within that directory can be removed or renamed only if one or more of the following is true (see unlink(2) and rename(2)): o the user owns the file o the user owns the directory o the file is writable by the user o the user is a privileged user (Privileged user means 'root'.) We only need to enforce the sticky bit if we start as root and are doing the requisite setuid(). My patch already has a test for this. Patch is attached, against the current release. (diff -c, God bless Solaris... heh) -- Matt Behrens [EMAIL PROTECTED] System Analyst, Baker Furniture z2_py.diff.gz
Re: [Zope-dev] startup security status (say that five times fast... well, ok, it wasn't so tough after all)
I opted for #2, since it requires no changes to existing start/stop scripts. 2. Enforce the sticky bit on the var directory. From Solaris' chmod(2) manpage: If a directory is writable and has S_ISVTX (the sticky bit) set, files within that directory can be removed or renamed only if one or more of the following is true (see unlink(2) and rename(2)): o the user owns the file o the user owns the directory o the file is writable by the user o the user is a privileged user (Privileged user means 'root'.) We only need to enforce the sticky bit if we start as root and are doing the requisite setuid(). My patch already has a test for this. Patch is attached, against the current release. (diff -c, God bless Solaris... heh) -- Matt Behrens [EMAIL PROTECTED] System Analyst, Baker Furniture z2_py.diff.gz
[Zope-dev] problem to rename folder
Hello, I have a little problem. I use this function to rename an object in my site (file or folder). It work perfectly with file but I have an error when I try to rename a folder I think the error is from PARENT[0], so do you have a solution ??? dtml-let objRename=_.getattr(PARENTS[0], _['idName']) dtml-call objRename.manage_renameObjects([idName],[newId],getWay(REQUEST.PATH_INFO)) /dtml-let Thanks a lot, Johan. -- -- This email and any files transmitted with it are CONFIDENTIAL and intended solely for the use of the individual or entity to whom they are addressed. Any unauthorised copying, disclosure, or distribution of the material within this email is strictly forbidden. Any views or opinions presented within this e-mail are solely those of the author and do not necessarily represent those of Odyssey Asset Management Systems SA unless otherwise specifically stated. An electronic message is not binding on its sender. Any message referring to a binding engagement must be confirmed in writing and duly signed. If you have received this email in error, please notify the sender immediately and delete the original. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )