On Jul 8, 2006, at 3:06 PM, Andreas Jung wrote:
No, it is not. I haven't worked on the hotfix...so why would it be
up to me
It's not. The person who *did* write the hot-fix didn't want the
feature in the first place. Tres stepped up and helped us in an
emergency. I imagine that he isn't signing up to maintaint the
When you talk of "the feature"...you mean file inclusion? This
feature was not supposed to be there. It was never a goal of reST
to provide this feature. So Tres' solution (removing the code) is
No, the feature I'm talking about is TTW reST. Because reST has a
that has to be turned off to be secure when processing text from
untrusted users, it requires special care.
There are a lot of modules where we don't want to take over the
The important thing is that we have clever ppl who understand the
code and can deal with such problems in such a case.
We need a better chain of responsibility than that, especially when
there is a known security thread.
See above...it's not a question of general responsibility...it's a
question of taking over the responsibility for a particular problem
situation...of course maintainers for modules are highly
welcome...things are as they are in the Zope 2 world...
I don't agree. Our current approach isn't working.
Jim Fulton mailto:[EMAIL PROTECTED] Python
CTO (540) 361-1714
Zope Corporation http://www.zope.com http://www.zope.org
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -