[Zope3-checkins] Re: SVN: Zope3/trunk/src/zope/security/checker.py
Reverting checkin
just made, because a test failed. The test explained why
Philipp von Weitershausen
philipp at weitershausen.de
Sat Sep 17 06:01:27 EDT 2005
Stephan Richter wrote:
> Log message for revision 38496:
> Reverting checkin just made, because a test failed. The test explained why
> it wants this behavior. While I disagree with the reasoning, I am too
> tired right now to pick the fight and risk a lot of breakage.
I was already going to "rebel" against the change when I saw you backed
it out. The comment in the test scratches the issue only on the surface:
ForbiddenAttributeErrors are *essential* to debugging security in Zope
3. If they would be silently caught, you wouldn't see when you're
missing security declarations for a class and you only wonder why you
can't access it even though you have manager rights, for example. I'm
running into that exact same problem on Zope 2 all the time now (in the
context of Five) where such a simple of tool analysis isn't present...
there you have to resort to the VerboseSecurityPolicy and a lot of guessing.
Philipp
More information about the Zope3-Checkins
mailing list