Re: [Zope-dev] Security/Acquisition Bug? (take two)
On Sun, Nov 12, 2000 at 11:42:32PM +0100, Dieter Maurer waxed eloquent: I tried it on my ZopeCVS installation. The Python parts are quite new. The C-part is about 2 weeks old. I can not observe what you describe. "/index_html" can be viewed as "Annonymous" without any change in permissions. Hi Dieter, Thanks for investigating. I also gave it another try, with the same results as my previous attempts. Maybe I'm doing something dumb? I have followed exactly these steps (as a regular user): 1. mkdir Zope2 2. cvs -z7 -d :pserver:[EMAIL PROTECTED]:/cvs-repository checkout Zope2 3. cd Zope2 4. python wo_pcgi.py 5. python zpasswd.py -u XX -p XX access 6. Edit start file (for port change and stupid log): #! /bin/sh reldir=`dirname $0` PYTHONHOME=`cd $reldir; pwd` export PYTHONHOME exec /usr/bin/python \ $PYTHONHOME/z2.py -P 9000 \ -D "$@" STUPID_LOG_FILE=$PYTHONHOME/zope.log 7. ./start 8. Visit http://www.boinklabs.com:9080/index_html 8. Get BASICAUTH login box... ?? Box is Redhat 6.0 with updates, Python 1.5.2 from source. CVS is v1.10.5. The only bit I left out was setting up the CVS login on a prior occasion: cvs -d :pserver:[EMAIL PROTECTED]:/cvs-repository login -cw- -- ~ Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer... Visit the Radio For Peace International Website: http://www.rfpi.org/ ~ CLOBBER INTERNET SPAM: See!! http://spam.abuse.net/ Join!! http://www.cauce.org/ ~ QOTD: Al Gore: Please, just concede. I can't handle another four years of whiney Republican bumper stickers! ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Security/Acquisition Bug? (take two)
I should have included this in my previous reply - this is the Zope error I am getting after failing out of BASICAUTH login: -- Zope Error Zope has encountered an error while publishing this resource. Unauthorized You are not authorized to access this resource. No Authorization header found. Traceback (innermost last): File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 222, in publish_module File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 187, in publish File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 162, in publish File /share4/Zope2/lib/python/ZPublisher/BaseRequest.py, line 463, in traverse File /share4/Zope2/lib/python/ZPublisher/HTTPResponse.py, line 569, in unauthorized Unauthorized: (see above) -- Does that provide any (additional) clues? -cw- -- ~ Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer... Visit the Radio For Peace International Website: http://www.rfpi.org/ ~ CLOBBER INTERNET SPAM: See!! http://spam.abuse.net/ Join!! http://www.cauce.org/ ~ QOTD: Al Gore: Please, just concede. I can't handle another four years of whiney Republican bumper stickers! ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )