[Zope-dev] 2.5.0b4: how to deadlock/DoS your Data.fs

Pierre Fortin pfortin@pfortin.com
Tue, 22 Jan 2002 01:53:29 -0500 

Well... pointing my browser to http://localhost:8080/manage gives errors
due to everything getting re-written to entities which don't exist yet;
the frameset's three frames point> > to
http://localhost:8080/<fubar>/manage* which are not setup.                
            ^^^^^^^               ^^^^^^^^^^^^^ My point is that it is way
too easy to (yes) "toast" your ZODB as a result.  In other words,
inability to access the manage page is equivalent to a toasted ZODB since
there is no [visible] way back in...  the manage page is no longer
accessible if the first thing I do is add a VHM or SiteRoot...

Injecting a rewrite rule between the browser and Zope's
http://localhost:8080/manage won't help when going directly to
http://localhost:8080/manage gives errors which prevent doing anything
else to the ZODB; but hey...  I'm re-learning Zope (which didn't have VHM
back then, IIRC), and being unable to access the ZODB after adding a
single item to a virgin copy is not a very friendly loophole, IMHO.  

Even following http://www.zope.org/Members/Jace/apache-vhm appears to
assume that a Zope site already exists...  am I wrong...?

BTW, did you really mean "suppress"?  If so, I haven't found that yet...
(pointer?)  If not, see above.

http://www.zope.org/DocProjects/AdminGuide/Project/FrontPage states
"Complex software without documentation is hard to sell someone on, IMHO.
--willdawg" which kinda says it all...

If the above results in unusable ZODB; why should I waste my time building
content if my first experience is to lose access to the ZODB..?  The way I
see it right now is that my confidence in Zope has been shot down by a
rather simple setup attempt locking me out...  

[It's late, I'm really tired; so hope this makes some sense...]

Pierre



On Tue, 22 Jan 2002 00:18:56 -0500
Jens Vagelpohl <jens@zope.com> wrote:

> did you read the documentation that explains how to suppress e.g. site 
> roots by inserting certain names into the URL?
> 
> installing site roots or virtual host monsters does not "toast" any
ZODB.> 
> jens
> 
> 
> On Tuesday, January 22, 2002, at 12:10 , Pierre Fortin wrote:
> 
> > Hi,
> >
> > I've been away from Zope for nearly two years and thought I'd give
2.5.0b4> > a whirl...  instead, it's giving me a spinning head...
> >
> > I have multiple sites and would like to give Zope another try...
> >
> > When I first go into Zope at localhost:8080/manage, the first thing I
> > tried was to add a VirtualHostMonster (specifying all the fields)... 
Big> > mistake #1...  the Data.fs is toast -- no way to access it...
> >
> > Re-install and try again...
> >
> > This time, I try SiteRoot, specifying the fields:
> >   pfortin.com
> >   http://pfortin.com/
> >   /Z
> > Big mistake #2!
> >
> > Re-install and try again...
> >
> > This time, I do the same thing; but without specifying a
> > Base...  Big mistake #3!
> >
> > In every case, I was left with an unusable Data.fs because the
> > http://localhost:8080/manage page was now pointing to non-existent
data..> > .
> >
> > I'm off to do some more reading; but the intent was to try to setup 2
> > virtual hosts on localhost:8080 without disturbing the running hosts
on> > port 80...  but I ended up with deadlocked files since main screen
points> > to http://localhost:8080/<fubar>/manage* which are not setup.
> >
> > Pierre
> >
> > _______________________________________________
> > Zope-Dev maillist  -  Zope-Dev@zope.org
> > http://lists.zope.org/mailman/listinfo/zope-dev
> > **  No cross posts or HTML encoding!  **
> > (Related lists -
> >  http://lists.zope.org/mailman/listinfo/zope-announce
> >  http://lists.zope.org/mailman/listinfo/zope )
> 
> 
> _______________________________________________
> Zope-Dev maillist  -  Zope-Dev@zope.org
> http://lists.zope.org/mailman/listinfo/zope-dev
> **  No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope )