Re: [Zope-dev] Security/Acquisition Bug? (take two)

2000-11-12 Thread Charlie Wilkinson

On Sun, Nov 12, 2000 at 11:42:32PM +0100, Dieter Maurer waxed eloquent:
 
 I tried it on my ZopeCVS installation.
 The Python parts are quite new. The C-part is about 2 weeks old.
 
 I can not observe what you describe.
 "/index_html" can be viewed as "Annonymous" without any
 change in permissions.

Hi Dieter,
Thanks for investigating.  I also gave it another try, with the same
results as my previous attempts.  Maybe I'm doing something dumb?
I have followed exactly these steps (as a regular user):

1. mkdir Zope2

2. cvs -z7 -d :pserver:[EMAIL PROTECTED]:/cvs-repository checkout Zope2

3. cd Zope2

4. python wo_pcgi.py

5. python zpasswd.py -u XX -p XX access

6. Edit start file (for port change and stupid log):

#! /bin/sh
reldir=`dirname $0`
PYTHONHOME=`cd $reldir; pwd`
export PYTHONHOME
exec /usr/bin/python \
 $PYTHONHOME/z2.py -P 9000 \
 -D "$@" STUPID_LOG_FILE=$PYTHONHOME/zope.log

7. ./start 

8. Visit http://www.boinklabs.com:9080/index_html

8. Get BASICAUTH login box...  ??

Box is Redhat 6.0 with updates, Python 1.5.2 from source.  CVS is v1.10.5.
The only bit I left out was setting up the CVS login on a prior occasion:

cvs -d :pserver:[EMAIL PROTECTED]:/cvs-repository login

-cw-

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Al Gore: Please, just concede.  I can't handle another four years of
whiney Republican bumper stickers!

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )




Re: [Zope-dev] Security/Acquisition Bug? (take two)

2000-11-12 Thread Charlie Wilkinson

I should have included this in my previous reply - this is the Zope
error I am getting after failing out of BASICAUTH login:

--
Zope Error

Zope has encountered an error while publishing this resource. 

Unauthorized

You are not authorized to access this resource.

No Authorization header found. 

Traceback (innermost last):
  File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 222, in publish_module
  File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 187, in publish
  File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 162, in publish
  File /share4/Zope2/lib/python/ZPublisher/BaseRequest.py, line 463, in traverse
  File /share4/Zope2/lib/python/ZPublisher/HTTPResponse.py, line 569, in unauthorized
Unauthorized: (see above)
--

Does that provide any (additional) clues?

-cw-

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Al Gore: Please, just concede.  I can't handle another four years of
whiney Republican bumper stickers!

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )