I think the fix has some steps in it:
* first, delegate everything to a IErrorReportingUtility and let it log
to SiteError as well. The SiteError logging policy is not operative anymore.
* it turns out the current IErrorReportingUtility does have some form of
filtering policy - it filters out UnAuthorized. A *different* policy
than for SiteError, of course. I believe that the SiteError doesn't do
this, and it's very useful to be able to debug this. :)
* then, rewrite IErrorReportingUtility so it has a sensible policy,
taking the best of the SiteError logging policy with the best of the
current IErrorReporingUtility policy. We make a simple one that's
globally registered and does the Right Thing for what you'd want to see
in the SiteError log.
* Perhaps we'll make a more fancy one that can be configured for the ZMI.
Zope3-dev mailing list