There has been a problem with zope.interface's verifyObject function
that occurs in conjunction with Python properties: when verifyObject
checks for the presence of an object's attribute, it does so by using
hasattr() which in turn tries a getattr() call. If the attribute is
implemented as a
Summary of messages to the zope-tests list.
Period Tue Oct 14 11:00:00 2008 UTC to Wed Oct 15 11:00:00 2008 UTC.
There were 5 messages: 5 from Zope Tests.
Tests passed OK
---
Subject: OK : Zope-2.8 Python-2.3.6 : Linux
From: Zope Tests
Date: Tue Oct 14 20:54:23 EDT 2008
URL:
On 15.10.2008 14:25 Uhr, Martijn Faassen wrote:
Sidnei da Silva wrote:
On Tue, Oct 14, 2008 at 2:16 PM, Andreas Jung[EMAIL PROTECTED] wrote:
Thanks for starting the discussion. Going for Python 2.6 also requires that
we get the ZCA running on top of Python 2.6 until some time next year.
Andreas Jung wrote:
RestrictedPython: I talked with Alan Runyan about this topic at the
Plone conferenceif we are serious then RP has to be reviewed. But
who can review it and how long would it take. There are possibly only a
limited number of people with the experience and skills for
On Wednesday 15 October 2008, Sidnei da Silva wrote:
I don't want to rain on your parade, but I already did a first pass at
reviewing the changes in Python 2.5 and Python 2.6. There are no
significant changes that I could spot so far. Apparently the major
changes are:
I also did a review for
Stephan Richter wrote:
On Wednesday 15 October 2008, Sidnei da Silva wrote:
I don't want to rain on your parade, but I already did a first pass at
reviewing the changes in Python 2.5 and Python 2.6. There are no
significant changes that I could spot so far. Apparently the major
changes are:
Hi there,
On Wed, Oct 15, 2008 at 3:35 PM, Andreas Jung [EMAIL PROTECTED] wrote:
[snip]
If Python 2.6 is the latest official Python version of the 2.X line that
there is a chance that this version will be supported by the Python
community in the long term. So supporting Python 2.4 or Python
On Wed, Oct 15, 2008 at 11:28 AM, Hanno Schlichting
[EMAIL PROTECTED] wrote:
Stephan Richter wrote:
On Wednesday 15 October 2008, Sidnei da Silva wrote:
I don't want to rain on your parade, but I already did a first pass at
reviewing the changes in Python 2.5 and Python 2.6. There are no
Hanno Schlichting wrote:
Stephan Richter wrote:
On Wednesday 15 October 2008, Sidnei da Silva wrote:
I don't want to rain on your parade, but I already did a first pass at
reviewing the changes in Python 2.5 and Python 2.6. There are no
significant changes that I could spot so far. Apparently
On Oct 15, 2008, at 3:27 AM, Thomas Lotze wrote:
There has been a problem with zope.interface's verifyObject function
that occurs in conjunction with Python properties: when verifyObject
checks for the presence of an object's attribute, it does so by using
hasattr() which in turn tries a
Hi,
we stumbled over an annoyance that took a while to debug:
Writing an ITraversable, we used zope.traversing.api.traverse() in a
test to verify our code. We registered the ITraversable as an
(non-multi) adapter and ended up with a working test.
In the actual system, we found that the
Hi,
Why is a ForbiddenAttribute also an AttributeError? Is this intended to
avoid 'information leaks'?
We found a nasty side-effect together with getattr and annotations: a
user that didn't have read-access to __annotations__ would end up trying
to create the annotations container again and
Christian Theune wrote:
we stumbled over an annoyance that took a while to debug:
Writing an ITraversable, we used zope.traversing.api.traverse() in a
test to verify our code. We registered the ITraversable as an
(non-multi) adapter and ended up with a working test.
In the actual system,
Jim Fulton [EMAIL PROTECTED] wrote:
I would change it to just use getattr rather than hasattr.
try:
getattr(ob, name)
except AttributeError:
return False
...
This doesn't handle the case that the attribute exists as a property
but raises an AttributeError when trying to produce
On 15.10.2008 14:44 Uhr, Martijn Faassen wrote:
Hi there,
On Wed, Oct 15, 2008 at 2:30 PM, Andreas Jung[EMAIL PROTECTED] wrote:
If the latter,
what about the security review for untrusted code?
You mean the review of RestrictedPython?
Yes.
If RestrictedPython is to be reviewed for
Thomas Lotze wrote:
Jim Fulton [EMAIL PROTECTED] wrote:
I would change it to just use getattr rather than hasattr.
try:
getattr(ob, name)
except AttributeError:
return False
...
This doesn't handle the case that the attribute exists as a property
but raises an AttributeError
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Thomas Lotze wrote:
Jim Fulton [EMAIL PROTECTED] wrote:
I would change it to just use getattr rather than hasattr.
try:
getattr(ob, name)
except AttributeError:
return False
...
This doesn't handle the case that the attribute
On Wed, Oct 15, 2008 at 06:02:55PM +0200, Philipp von Weitershausen wrote:
Christian Theune wrote:
we stumbled over an annoyance that took a while to debug:
Writing an ITraversable, we used zope.traversing.api.traverse() in a
test to verify our code. We registered the ITraversable as an
Philipp von Weitershausen wrote:
First of all, its name is quite misleading. It should really be called
'zope.resolvepath' because it resolves TALES-like object paths. In fact,
it's pretty much only used by the PageTemplate machinery to hook it up
to the TALES engine (with one exception,
Sidnei da Silva wrote:
On Tue, Oct 14, 2008 at 2:16 PM, Andreas Jung [EMAIL PROTECTED] wrote:
Thanks for starting the discussion. Going for Python 2.6 also requires that
we get the ZCA running on top of Python 2.6 until some time next year.
FWIW, that's what I've been working on. There's
Martijn Faassen wrote:
On Wed, Oct 15, 2008 at 2:30 PM, Andreas Jung [EMAIL PROTECTED] wrote:
You mean the review of RestrictedPython?
Yes.
If RestrictedPython is to be reviewed for changes, it *might* be
easier to do this for 2.4 - 2.5 instead of the big leap of two python
versions.
Hi there,
On Wed, Oct 15, 2008 at 2:30 PM, Andreas Jung [EMAIL PROTECTED] wrote:
If the latter,
what about the security review for untrusted code?
You mean the review of RestrictedPython?
Yes.
If RestrictedPython is to be reviewed for changes, it *might* be
easier to do this for 2.4 - 2.5
El 15 Oct 2008, a las 19:24 , Shane Hathaway escribió:
Philipp von Weitershausen wrote:
First of all, its name is quite misleading. It should really be
called
'zope.resolvepath' because it resolves TALES-like object paths. In
fact,
it's pretty much only used by the PageTemplate machinery
Folks,
I don't want to rain on your parade, but I already did a first pass at
reviewing the changes in Python 2.5 and Python 2.6. There are no
significant changes that I could spot so far. Apparently the major
changes are:
- Ternary 'if'
- Context Managers ('with' keyword)
Both of those are
Thomas Lotze wrote at 2008-10-15 09:27 +0200:
There has been a problem with zope.interface's verifyObject function
that occurs in conjunction with Python properties: when verifyObject
checks for the presence of an object's attribute, it does so by using
hasattr() which in turn tries a getattr()
25 matches
Mail list logo