-----BEGIN PGP SIGNED MESSAGE-----
Jim Fulton wrote:
>> So forking docutils inside Zope is *not* evil, even when considering
>> packaged versions, as long as the packagers know about the fork, right?
> The unforked docutils provides the necessary safety when used correctly.
> It is our careless use of the feature that was the cause of the problem.
As Florent pointed out, long experience with text processing systems on
Unix (Tex, postscript, etc.) says that enabling file inclusion by
default is a security hole. Leaving it enabled by default makes
docutils at least partly to blame for such holes (under a doctricne of
"attractive nuisance"). If, OTOH, the downstream programmer had to
explicitly enable the risky behavior, then any breach would be *that
- SVN says that the knobs to disable the dangerous features, along with
the docs for the why teh features are dangerous, were added fifteen
- Those knobs were made available in the 0.3.9 release of docutils
(per the HISTORY.txt file).
- Andreas upgraded Zope to that release last October, just before
initial hotfix (from the timing, on 2005/10/09, it looks as though
the hotfix have been the motivation for the upgrade).
- Because of the way we ship docutils (there was a lot of wrangle about
this, as well, with Andreas moving stuff around to suit the course
of the wrangle) we don't even ship the documents which label those
directives as 'dangeroous' (they are off in the 'test' subtree).
Tres Seaver +1 202-558-7113 [EMAIL PROTECTED]
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v220.127.116.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope3-dev mailing list