Jim Fulton wrote:
Stuart Bishop wrote:


It was never intended that the ability to control unprotected sub-objects
by name would apply to items. It was sloppy coding on my part that item indexes
(yes, indexes, like, say, 1) and keys were passed as names. I can certainly
understand why people looking at the code and trying things out would come
to the wrong conclusion.

But it would depend on which code they looked at. For example, in 2.6.2, the key is not passed to validate when traversing using getitem in unrestrictedTraverse. For this reason, it's brittle to rely on this, even without the recent security changes.

Fundamentally, it's wrong to use the same mechanism for attributes and
item keys or indexes.  In the recent security work, we tried to address
this by not passing the name for item access. Unfortunately, this broke
some code.  I *think* that there cannot be too many cases of this.

I'm pretty sure that I can redo the way we protect dictionaries and
lists so that we can provide backward compatibility. If I can do this,
I will, because backward compatibility *is* important, especially for bug-fix

This is done and checked into the Zope 2.7 branch (Zope-2_7-branch).

Stuart, can you try this out and make sure that your application
works as it did before?


Jim Fulton           mailto:[EMAIL PROTECTED]       Python Powered!
CTO                  (540) 361-1714            http://www.python.org
Zope Corporation     http://www.zope.com       http://www.zope.org

Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
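The distinction Jim draws above (a name-based rule for attributes wrongly reused for item keys and indexes), modelled as an added example; this is not Zope's AccessControl code, and the Folder class, its policy dict and the item policy are constructed for illustration:

```python
# Toy model of attribute-name checks versus item-key checks. Constructed for
# illustration; it is not Zope's AccessControl implementation.

class Folder:
    # Zope-style "by name" control of unprotected sub-objects (constructed values)
    __allow_access_to_unprotected_subobjects__ = {"title": 1, "owner_email": 0}

    def __init__(self):
        self.title = "Public folder"
        self.owner_email = "owner@example.invalid"
        # a mapping whose keys have nothing to do with attribute names
        self.data = {1: "first", "title": "keyed 'title'", "owner_email": "keyed 'owner_email'"}


def validate_attribute(container, name):
    """Name-based rule meant for attribute access only."""
    if not isinstance(name, str) or name.startswith("_"):
        return False
    rules = getattr(container, "__allow_access_to_unprotected_subobjects__", 0)
    if isinstance(rules, dict):
        return bool(rules.get(name, 0))
    return bool(rules)


def old_getitem(container, mapping, key):
    """Sloppy behaviour: the item key or index is handed to the attribute rule as a name."""
    if not validate_attribute(container, key):
        raise PermissionError(f"item {key!r} denied by attribute rule")
    return mapping[key]


def items_are_public(container, key, value):
    """Separate item policy: decided from the value, never from how the key is spelled."""
    return isinstance(value, str)


def new_getitem(container, mapping, key, item_policy=items_are_public):
    """Fixed behaviour: item access goes through an item policy, not the name rule."""
    value = mapping[key]
    if not item_policy(container, key, value):
        raise PermissionError(f"item {key!r} denied by item policy")
    return value


def denied(fn, *args):
    """True if fn(*args) raises PermissionError; lets the two behaviours be compared."""
    try:
        fn(*args)
    except PermissionError:
        return True
    return False
```

With the old behaviour an integer index is rejected outright and a string key passes only when it happens to collide with an allowed attribute name; with the item policy the outcome no longer depends on the key at all.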
