On Fri, Apr 10, 2009 at 01:36, Shane Hathaway sh...@hathawaymix.org wrote:
Grr. Way to end a bikeshed discussion. Now what are we going to drone
on about?
Wait, wait, it should be called Zope Platform!
--
Lennart Regebro: Python, Zope, Plone, Grok
http://regebro.wordpress.com/
+33 661 58 14
Martijn Faassen wrote at 2009-4-8 15:31 +0200:
...
In order to make Zope 2 and Zope 3 fit the pattern, it'd be nice if they
had names that fit the Zope is a project, not software pattern. We
could rename Zope 2 to Zope Classic, as was suggested. I think we should
also rename Zope 3 to
Wichert Akkerman wrote at 2009-4-9 10:40 +0200:
Previously Shane Hathaway wrote:
discussion type=bikeshed
Tres Seaver wrote:
WRT the Framework name: framework is a misleading name for the
collection of packages salvaged from the new Coke effort: it is
actually a *bunch* of frameworks,
On Fri, Apr 10, 2009 at 09:23, Dieter Maurer die...@handshake.de wrote:
I will continue to speak of Zope 2 (not Zope Classic).
Right. The classic/legacy renaming is only necessary if we were to
move to Zope 4, which we aren't, or continue to talk about Zope 3,
which we aren't.
--
Lennart
Stephan Richter wrote:
On Thursday 09 April 2009, Martin Aspeli wrote:
Clearly, I'm getting too new a version of RestrictedPython, but this is
running against the 3.4 KGS, so I don't see how that could really happen.
This is not a problem. Ignore those errors as they happen in the Python 2.6
Summary of messages to the zope-tests list.
Period Thu Apr 9 12:00:00 2009 UTC to Fri Apr 10 12:00:00 2009 UTC.
There were 8 messages: 8 from Zope Tests.
Tests passed OK
---
Subject: OK : Zope-2.10 Python-2.4.6 : Linux
From: Zope Tests
Date: Thu Apr 9 20:44:47 EDT 2009
URL:
Hi there,
The Zope Framework is now renamed to be the Zope Toolkit.
Framework proved to be a controversial name that implies a range of
things to people we do not want to imply - in particular that you have
to buy into the whole in order to use some of its parts.
Zope Toolkit is a more
Hi there,
One fundamental question about this that I have is why we want to
protect the user against such loopholes anyway?
Isn't zope.security a protection system against *accidental* mistakes in
building secure applications? I.e. I call a method and then I find out I
have no such access. Do
On Apr 10, 2009, at 9:25 AM, Martijn Faassen wrote:
Hi there,
One fundamental question about this that I have is why we want to
protect the user against such loopholes anyway?
Isn't zope.security a protection system against *accidental*
mistakes in
building secure applications?
No
Adam GROSZER wrote:
Hello,
I would add TEMPORARYLY (for testing) the KGS to buildout.cfg:
[buildout]
extends = http://download.zope.org/zope3.4/3.4.0/versions.cfg
versions = versions
develop = . benchmark
parts = test checker coverage-test coverage-report docs i18n benchmark python
Jim Fulton wrote:
On Apr 10, 2009, at 9:25 AM, Martijn Faassen wrote:
[snip]
Protecting against workarounds is useful if you allow through the web
manipulation of code itself. But who is actually doing this?
The purpose of the protection system is to protect an application
against
On Apr 10, 2009, at 10:43 AM, Martijn Faassen wrote:
...
I know that Plone is moving away from untrusted code,
I predict they won't, but we'll see.
and Zope 2 isn't
using zope.security anyway.
That's immaterial. I was talking about the use case.
That leaves ZC's applications, which I
On Friday 10 April 2009, Martin Aspeli wrote:
/Users/optilude/.buildout/eggs/zope.container-3.8.1-py2.4-macosx-10.3-i386
.egg/zope/container/traversal.py, line 26, in ?
from zope.publisher.interfaces import IDefaultViewName, NotFound
ImportError: cannot import name IDefaultViewName
Hey,
Jim Fulton wrote:
On Apr 10, 2009, at 10:43 AM, Martijn Faassen wrote:
and Zope 2 isn't
using zope.security anyway.
That's immaterial. I was talking about the use case.
It's hard to tell whether Zope 2 will ever adopt zope.security to
fulfill this use case - I have the impression
Stephan Richter wrote:
On Friday 10 April 2009, Dieter Maurer wrote:
think renaming Zope 2 to Zope Classic will be easy. If the Zope 2
developers are okay with this, let's go right ahead.
I will continue to speak of Zope 2 (not Zope Classic).
+1. I think we gain nothing by renaming Zope 2
Zvezdan Petkovic wrote:
On Apr 10, 2009, at 11:32 AM, Hanno Schlichting wrote:
We do have the use-case of allowing trusted people to add templates or
code TTW and many other things like data level and view based
security.
The RestrictedPython case however is something we will gladly give
Hi there,
Is anyone interested in maintaining Zope 3?
With Zope 3 I mean:
* the thing with the ZMI - do you care about the ZMI?
* the thing that can be installed as a particular development platform -
do you care about the installation story for Zope 3? (as opposed to Grok
or your own
On Apr 10, 2009, at 12:26 PM, Martijn Faassen wrote:
...
b) prevent someone from viewing something with a public view because
they don't have access to content-level methods and attributes.
(which I
take is your HTTP request as untrusted code scenario).
It is an example of that scenario,
On Apr 10, 2009, at 12:31 PM, Hanno Schlichting wrote:
We are in the business of content management. The most valuable
information the system and the entire physical machine has is the
content in the system. You don't run web applications on any kind of
shared servers where the system has any
Hey,
Jim Fulton wrote:
[snip]
I don't see the point of a separate package. This is a very small
corner of zope.security.
Sure, it could be solved within zope.security as well.
A simple API for extending the definition of rocks would be enough to
deal with this particular issue.
Note
Martijn Faassen wrote:
Stephan Richter wrote:
On Friday 10 April 2009, Jim Fulton wrote:
Unfortunately these are ZC's use cases.
They are not just ZC's use cases.
Keas is relying on that safety heavily too. Anyone who wants to build a
secure
DSL based on Python really wants zope.security.
On Apr 10, 2009, at 3:20 PM, Shane Hathaway wrote:
Martijn Faassen wrote:
Stephan Richter wrote:
On Friday 10 April 2009, Jim Fulton wrote:
Unfortunately these are ZC's use cases.
They are not just ZC's use cases.
Keas is relying on that safety heavily too. Anyone who wants to
build a
Hi Martijn
Betreff: [Zope-dev] who wants to maintain Zope 3?
Hi there,
Is anyone interested in maintaining Zope 3?
With Zope 3 I mean:
* the thing with the ZMI - do you care about the ZMI?
Of corse do we all need the UI part for manage the components
we install. But the old style
23 matches
Mail list logo
