Hi there,

I'm trying to debug the security of a Zope 3 application (in Zope 3.1 beta) and I am having trouble getting ZOPE_WATCH_CHECKERS to work.


If I set it to 1, I expect to see information on which attributes on which object are denied. I however see nothing whatever.

If I set it to a higher value, I *do* see a few granted messages, though suspiciously few messages appear and rather confusing ones, especially as I am trying to a access a page that doesn't tie into the ZMI:

[CHK] + Granted getattr: __call__ on <bound method ContextHelpView.getContextualTopicView of <zope.app.publisher.browser.viewmeta.ContextHelpView object at 0x442764ec>> [CHK] + Granted getattr: __call__ on <bound method ContextHelpView.getContextualTopicView of <zope.app.publisher.browser.viewmeta.ContextHelpView object at 0x442a17ec>> [CHK] + Granted getattr: __call__ on <bound method ContextHelpView.getContextualTopicView of <zope.app.publisher.browser.viewmeta.ContextHelpView object at 0x442ef5ec>>

What's going on? Why do the only messages I ever see involve ContextHelpView? Is it possible that this mechanism is broken? Some debugging did seem to indicate the right logging checkers get created, but perhaps the logging methods do not actually get called most of the time?

In an attempt at deeper debugging I tried removing the C implementation (_zope_security_checker.so) temporarily, as the checker.py code seems to indicate it should fallback on the Python version. Unfortunately, Zope 3 fails to start in this case...

Regards,

Martijn
_______________________________________________
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com

Reply via email to