[Zope-dev] ForbiddenAttribute: why subclass AttributeError?
Christian Theune
ct at gocept.com
Wed Oct 15 11:49:30 EDT 2008
Hi,
Why is a ForbiddenAttribute also an AttributeError? Is this intended to
avoid 'information leaks'?
We found a nasty side-effect together with getattr and annotations: a
user that didn't have read-access to __annotations__ would end up trying
to create the annotations container again and again because getattr(obj
'__annotations__', None) would return None instead of propagating the
ForbiddenAttribute exception.
Christian and Wolfgang
--
Christian Theune · ct at gocept.com
gocept gmbh & co. kg · forsterstraße 29 · 06112 halle (saale) · germany
http://gocept.com · tel +49 345 1229889 7 · fax +49 345 1229889 1
Zope and Plone consulting and development
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://mail.zope.org/pipermail/zope-dev/attachments/20081015/5b28037f/attachment.bin
More information about the Zope-Dev
mailing list