Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-19 Thread Jim Fulton


On Jul 16, 2006, at 7:29 PM, Richard Jones wrote:


On Sunday 09 July 2006 22:56, Jim Fulton wrote:

Whoever integrated reST didn't even read the documentation, much less
the code.


FWIW.

The ZReST product was originally released by me around 2002 - before those directives existed. According to the docutils HISTORY file, the directives themselves were added in 2003. The *warning* about them was added in 2004. The configuration to *disable* them appears to have been added in 2005.


Fair enough.  This points out that we need to be as vigilant when updating 3rd-party packages as when initially using them.  I understand that you didn't upgrade distutils in Zope.

Please understand, and this is directed to everyone in this discussion, it is not my goal to blame individuals.  *We* made a mistake and we need to learn from it.  We can't learn from mistakes and stop repeating them unless we admit them.


We made a number of mistakes in this episode.  We exposed (an update to) a 3rd-party library TTW without doing enough homework to be reasonably assured that it was safe.  When we found a problem, we didn't write tests to assure that it was solved sufficiently.  Again, I don't want to get on anyone's case, but I want to make sure that we follow processes that will reduce the chance of a repeat of something like this.


What the hell docutils was doing turning this feature on by default...


I don't think that TTW entry of reST was a use case for docutils.  In its normal usage, it makes sense for these to be enabled IMO.  The onus should be on us, when we decide to expose something TTW, to make sure that the power we're exposing is controlled.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]  Python Powered!
CTO  (540) 361-1714  http://www.python.org
Zope Corporation  http://www.zope.com  http://www.zope.org



___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists -
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-16 Thread Richard Jones
On Sunday 09 July 2006 22:56, Jim Fulton wrote:
 Whoever integrated reST didn't even read the documentation, much less
 the code.

FWIW.

The ZReST product was originally released by me around 2002 - before those 
directives existed. According to the docutils HISTORY file, the directives 
themselves were added in 2003. The *warning* about them was added in 2004.
The configuration to *disable* them appears to have been added in 2005.

What the hell docutils was doing turning this feature on by default...


Richard


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-13 Thread Dieter Maurer
Jim Fulton wrote at 2006-7-9 09:10 -0400:
 ...
On Jul 8, 2006, at 3:51 PM, [EMAIL PROTECTED] wrote:
...
 I agree with you that a feature (file/url inclusion code)
 physically removed from the shipped code can be considered no longer
 causing security risks -- even without extensive tests.

Your recent expression of disdain for testing causes me to be unsurprised by this position.

I do not feel disdain for testing altogether -- just for testing
posing a burden without significantly increasing quality...



-- 
Dieter


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-09 Thread Andreas Jung



--On 8. Juli 2006 07:45:01 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



On Jul 8, 2006, at 1:11 AM, Andreas Jung wrote:




--On 7. Juli 2006 11:03:06 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



I think we should do a 2.9.4 release to incorporate the recent hot fix.
This is easy for me to say, since I won't be doing it. :)

Because this recent fix actually fixed the same problem that the previous hot fix was supposed to fix, I think someone needs to work up some decent tests.  This is not a trivial task, but it is necessary.  If no one is willing to do this, I think we need to drop the TTW reStructuredText support from Zope 2, as it is too great a risk.



Dropping TTW reST is absolutely not an option. It breaks backward compatibility.


Sorry, security trumps backward compatibility.



BTW, I suspect that a less violent patch could be created, if anyone wants to champion TTW reStructuredText support in Zope 2.  Personally, I'm for dropping it.


Tres' patch is looking fine to me. I don't see a need right now for dropping reST with having file inclusion *removed*.


Has anyone written tests for Tres' patch?  Apparently no one wrote
adequate tests for the last hot fix, which helped put us in this
situation.


I've written some tests (checked in on the trunk). They test the 'raw' and 'include' directives.

@Tres: what is the reason to keep the 'raw' code in docutils? I am in favor of removing it and replacing it with a NotImplementedError exception (same as for the 'include' code). The related tests (for reStructuredText and ZReST, commented out for now) do expect a NotImplementedError for a 'raw' directive.

Andreas





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-09 Thread Willi Langenberger
According to Andreas Jung:
  Tres' patch is looking fine to me. I don't see a need right now
  for dropping reST with having file inclusion *removed*.
 
  Has anyone written tests for Tres' patch?  Apparently no one wrote
  adequate tests for the last hot fix, which helped put us in this
  situation.

 I've written some tests (checked in on the trunk). They test the 'raw'
 and 'include' directives.

Thank you, Andreas!

We make extensive use of reST (via ZWiki) and it would be very hard for
us to do without reST.

 @Tres: what is the reason to keep the 'raw' code in docutils? I am in favor
 of removing it and replacing it with a NotImplementedError exception (same as
 for the 'include' code). The related tests (for reStructuredText and
 ZReST, commented out for now) do expect a NotImplementedError for a 'raw'
 directive.

In ZWiki reST pages you can use the 'raw' directive to call
e.g. python scripts (useful for custom index generation, ...). If it
goes away due to security reasons, so be it. But if there is a way to
keep the 'raw' functionality and remove only 'file' and 'include', we
are certainly in favour of that...


\wlang{}

-- 
[EMAIL PROTECTED]  Fax: +43/1/31336/9207
Zentrum fuer Informatikdienste, Wirtschaftsuniversitaet Wien, Austria


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-09 Thread Andreas Jung



--On 9. Juli 2006 12:29:24 +0200 Willi Langenberger [EMAIL PROTECTED] 
wrote:






@Tres: what is the reason to keep the 'raw' code in docutils? I am in
favor of removing it and replacing it with a NotImplementedError exception
(same as for the 'include' code). The related tests (for
reStructuredText and ZReST, commented out for now) do expect a
NotImplementedError for a 'raw' directive.


In ZWiki reST pages you can use the 'raw' directive to call
e.g. python scripts (useful for custom index generation, ...). If it
goes away due to security reasons, so be it. But if there is a way to
keep the 'raw' functionality and remove only 'file' and 'include', we
are certainly in favour of that...



You mean 'file' and 'url'...they are now disabled.

-aj



Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-09 Thread Jim Fulton


On Jul 8, 2006, at 3:06 PM, Andreas Jung wrote:






No, it is not. I haven't worked on the hotfix...so why would it be up to me to write tests?


It's not.  The person who *did* write the hot-fix didn't want the feature in the first place.  Tres stepped up and helped us in an emergency. I imagine that he isn't signing up to maintain the feature.


When you talk of the feature...you mean file inclusion? This feature was not supposed to be there. It was never a goal of reST to provide this feature. So Tres' solution (removing the code) is perfectly fine.


No, the feature I'm talking about is TTW reST.  Because reST has a feature that has to be turned off to be secure when processing text from untrusted users, it requires special care.

There are a lot of modules where we don't want to take over the maintainer. The important thing is that we have clever ppl who understand the code and can deal with such problems in such a case.


We need a better chain of responsibility than that, especially when there is a known security threat.



See above...it's not a question of general responsibility...it's a question of taking over the responsibility for a particular problem in a particular situation...of course maintainers for modules are highly welcome...things are as they are in the Zope 2 world...


I don't agree.  Our current approach isn't working.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]  Python Powered!
CTO  (540) 361-1714  http://www.python.org
Zope Corporation  http://www.zope.com  http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-09 Thread Jim Fulton


On Jul 8, 2006, at 3:27 PM, Andreas Jung wrote:




--On 8. Juli 2006 15:05:21 -0400 Jim Fulton [EMAIL PROTECTED] wrote:


I think this applies here as well.


1. ZClasses are not a security threat. reST is. That's a huge difference.


Being a security threat or not ...how will you prove that a module X is a threat or not? Without source code review every module has the potential to be a threat. I would never claim that the modules I've written or maintain in some way are totally safe...


One difference is that between our code and 3rd-party code.  I wrote the ZClasses code and paid a lot of attention to security.

Whoever integrated reST didn't even read the documentation, much less the code.






2. This event illustrates that I was wrong.



Possibly, but a lot of modules were written by ppl that are no longer active in the community and a lot of these modules are real cruft that nobody wants to touch (and that few ppl understand). For the time being we have to live with this situation in the Zope 2 world. The only way out is to replace more and more code with Zope 3 modules, which is actually happening.


So what does it mean to be a maintainer of a package?


This is something that the Zope Foundation needs to work out.  I'd like to start a discussion of this when Martijn gets back from vacation. Or perhaps we should put off the discussion till September when most people are back from vacation.


A maintainer has to keep the code in shape and should of course care about security issues. But a maintainer might have a different view on security than you...so how to get out of this dilemma? Code audits? They would help but you know how much time they take (impractical for most code if you ask me).  The current unofficial code auditing by watching the checkin lists seems to work to a certain degree (perhaps not directly related to security issues but to wrong code in general). Getting maintainers for Zope core packages is even harder than some yrs ago when the Zope community wasn't split up as it is today (CPS, Zope3, Zope2, Plone, CMF). The common view on the Zope 2 core seems to be "it works, it's cruft, don't touch it"..and ppl prefer to put their hands on other stuff outside the Zope 2 core. I am realistic enough to see that this won't change in the near future.


My view is that both Zope 2 and Zope 3 are too big.  IMO, they need to be split into smaller projects packaged more or less separately.  reST and ZClasses should be add-ons, not a part of the code. It should be possible for each project/package to tell if the project is active. Then it's up to users to decide whether to take the risk of using an unsupported package.


Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]  Python Powered!
CTO  (540) 361-1714  http://www.python.org
Zope Corporation  http://www.zope.com  http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-09 Thread Jim Fulton


On Jul 8, 2006, at 5:38 PM, Tino Wildenhain wrote:


Jim Fulton wrote:



...

You mean auditing. Testing would not help imho. Testing
only checks if expected behavior still works. And nobody
expects the Spanish Inquisition *wink* ;)


You can test that trying to do file-inclusion fails.



For example, if I were the one who had written the naive test - I would not have known a file inclusion feature even exists or is supposed to be exposed to reST. So my test would not have tested it. So we'd have had perfect tests for all the reST things we want and expect, but the hole would exist anyway.


I agree that testing is not enough if you don't know what to test for.  It's sad that whoever enabled this didn't bother to read the docutils documentation, which documents the feature and even provides a warning about its security issues:

http://docutils.sourceforge.net/docs/ref/rst/directives.html#including-an-external-document-fragment


Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]  Python Powered!
CTO  (540) 361-1714  http://www.python.org
Zope Corporation  http://www.zope.com  http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 1:11 AM, Andreas Jung wrote:




--On 7. Juli 2006 11:03:06 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



I think we should do a 2.9.4 release to incorporate the recent hot fix.

This is easy for me to say, since I won't be doing it. :)

Because this recent fix actually fixed the same problem that the previous hot fix was supposed to fix, I think someone needs to work up some decent tests.  This is not a trivial task, but it is necessary.  If no one is willing to do this, I think we need to drop the TTW reStructuredText support from Zope 2, as it is too great a risk.



Dropping TTW reST is absolutely not an option. It breaks backward compatibility.


Sorry, security trumps backward compatibility.



BTW, I suspect that a less violent patch could be created, if anyone wants to champion TTW reStructuredText support in Zope 2.  Personally, I'm for dropping it.


Tres' patch is looking fine to me. I don't see a need right now for dropping reST with having file inclusion *removed*.


Has anyone written tests for Tres' patch?  Apparently no one wrote adequate tests for the last hot fix, which helped put us in this situation.


I'm not opposed to keeping TTW reST if *someone takes responsibility* for it.  I don't see this happening.  If someone cares enough about TTW reST to stand behind it and properly address the security risks by writing tests, then great.  Otherwise it has to go.

I also think Tres' patch was the right emergency measure, but I'm not so sure it is the right long-term fix.  It reflects a sorry, but perhaps sadly accurate, view of the community's commitment to quality. :(

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]  Python Powered!
CTO  (540) 361-1714  http://www.python.org
Zope Corporation  http://www.zope.com  http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Andreas Jung



--On 8. Juli 2006 07:45:01 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



On Jul 8, 2006, at 1:11 AM, Andreas Jung wrote:




--On 7. Juli 2006 11:03:06 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



I think we should do a 2.9.4 release to incorporate the recent hot fix.
This is easy for me to say, since I won't be doing it. :)

Because this recent fix actually fixed the same problem that the previous hot fix was supposed to fix, I think someone needs to work up some decent tests.  This is not a trivial task, but it is necessary.  If no one is willing to do this, I think we need to drop the TTW reStructuredText support from Zope 2, as it is too great a risk.



Dropping TTW reST is absolutely not an option. It breaks backward compatibility.


Sorry, security trumps backward compatibility.


Only if there is no other option. Tres' patch seems to resolve this issue 
and with further testing there is no need to remove the functionality.







BTW, I suspect that a less violent patch could be created, if anyone wants to champion TTW reStructuredText support in Zope 2.  Personally, I'm for dropping it.


Tres' patch is looking fine to me. I don't see a need right now for dropping reST with having file inclusion *removed*.


Has anyone written tests for Tres' patch?  Apparently no one wrote
adequate tests for the last hot fix, which helped put us in this
situation.

I'm not opposed to keeping TTW reST if *someone takes responsibility* for it.  I don't see this happening.  If someone cares enough about TTW reST to stand behind it and properly address the security risks by writing tests, then great.


There is currently little need to break this over the knee. We have a 
hotfix, we have a stripped down version of Docutils. We have some time 
until the next releases. Perhaps nobody had time so far (at least me) for 
writing further tests..that does not mean that nobody takes responsibility. 
If we would rip off everything from Zope 2 where nobody takes over 
responsibility...what would be left?


In addition I don't see a big problem for Zope-only(!) apps. Using reST in 
Zope requires access to the ZMI which is in general available only to 
trusted users. Removing TTW-editing of reST in Zope does *not* solve any
problem e.g. for Plone where reST can be edited through the Plone UI by 
usually untrusted users. It is *our* task to make reST (basically Docutils)
secure enough. It's safe enough for Zope-only apps but I agree that the 
Docutils code and the hotfix require some more testing and review.



Otherwise it has to go.


No :-)


 It reflects a sorry, but perhaps sadly accurate, view of the community's commitment to quality. :(


Sorry, I've no idea what you mean with this remark.

Andreas





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 8:12 AM, Andreas Jung wrote:




--On 8. Juli 2006 07:45:01 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



On Jul 8, 2006, at 1:11 AM, Andreas Jung wrote:




--On 7. Juli 2006 11:03:06 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



I think we should do a 2.9.4 release to incorporate the recent hot fix.
This is easy for me to say, since I won't be doing it. :)

Because this recent fix actually fixed the same problem that the previous hot fix was supposed to fix, I think someone needs to work up some decent tests.  This is not a trivial task, but it is necessary.  If no one is willing to do this, I think we need to drop the TTW reStructuredText support from Zope 2, as it is too great a risk.



Dropping TTW reST is absolutely not an option. It breaks backward compatibility.


Sorry, security trumps backward compatibility.


Only if there is no other option. Tres' patch seems to resolve this issue and with further testing there is no need to remove the functionality.


Seems isn't good enough. It's not even close.  The hot fix last fall
seemed to fix the problem. :(

Heck (I wanted to use another 4-letter-word, because I'm getting kinda angry), even the current patch hasn't been adequately tested.  Michael suggested that the patch needed to be tested against all recent Zope versions.  Has this been done? I don't think so.  Do we even have *tests* that it works? I doubt it.  I don't fault Tres for this.  We needed to get the hotfix out in a hurry.  Do I think Tres should have to write tests for this?  After he plugged a hole in something he didn't want included in the first place? Heck no.


BTW, I suspect that a less violent patch could be created, if anyone wants to champion TTW reStructuredText support in Zope 2.  Personally, I'm for dropping it.


Tres' patch is looking fine to me. I don't see a need right now for dropping reST with having file inclusion *removed*.


Has anyone written tests for Tres' patch?  Apparently no one wrote
adequate tests for the last hot fix, which helped put us in this
situation.

I'm not opposed to keeping TTW reST if *someone takes responsibility* for it.  I don't see this happening.  If someone cares enough about TTW reST to stand behind it and properly address the security risks by writing tests, then great.


There is currently little need to break this over the knee. We have a hotfix, we have a stripped down version of Docutils. We have some time until the next releases. Perhaps nobody had time so far (at least me) for writing further tests..that does not mean that nobody takes responsibility. If we would rip off everything from Zope 2 where nobody takes over responsibility...what would be left?


In addition I don't see a big problem for Zope-only(!) apps. Using reST in Zope requires access to the ZMI which is in general available only to trusted users. Removing TTW-editing of reST in Zope does *not* solve any problem e.g. for Plone where reST can be edited through the Plone UI by usually untrusted users. It is *our* task to make reST (basically Docutils) secure enough. It's safe enough for Zope-only apps but I agree that the Docutils code and the hotfix require some more testing and review.



Otherwise it has to go.


No :-)


Wrong. Sorry, I'll invoke Pope if I have to.

I'm not talking about 2.9 and earlier, but if no one takes responsibility for this feature, we'll rip it out of 2.10.


 It reflects a sorry, but  perhaps
sadly
accurate,  view of the community's commitment to quality. :(


Sorry, I've no idea what you mean with this remark.


Tres came up with this sledge hammer because he has no confidence
in people's willingness to test and implement this feature properly.
Sadly, he has good evidence for this point of view.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]  Python Powered!
CTO  (540) 361-1714  http://www.python.org
Zope Corporation  http://www.zope.com  http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Andreas Jung




On Jul 8, 2006, at 8:12 AM, Andreas Jung wrote:




--On 8. Juli 2006 07:45:01 -0400 Jim Fulton [EMAIL PROTECTED] wrote:

Only if there is no other option. Tres' patch seems to resolve this
issue and with further testing there is no need to remove the
functionality.


Seems isn't good enough. It's not even close.  The hot fix last fall
seemed to fix the problem. :(


That is still not an argument. I'll agree with you when we are all 
convinced that we are all unable to fix this issue with a reasonable effort 
or when we come to the conclusion that Docutils is a problem by itself...sorry, 
but we are not at that point so far.





Otherwise it has to go.


No :-)


Wrong. Sorry, I'll invoke Pope if I have to.


Sorry Jim, that's weak. See above. I'll accept the decision of the Pope as 
long as it is comprehensible...so far it is not.




Tres came up with this sledge hammer because he has no confidence
in people's willingness to test and implement this feature properly.


I am fine with the sledge-hammer. I've never claimed that we need to 
support file insertion and raw support in any way. We don't need it, we can 
kick it.
But removing or disabling a feature because we are possibly incompetent 
would be just ridiculous.



Andreas



Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 9:17 AM, Andreas Jung wrote:





On Jul 8, 2006, at 8:12 AM, Andreas Jung wrote:




--On 8. Juli 2006 07:45:01 -0400 Jim Fulton [EMAIL PROTECTED] wrote:

Only if there is no other option. Tres' patch seems to resolve this
issue and with further testing there is no need to remove the
functionality.


Seems isn't good enough. It's not even close.  The hot fix last fall seemed to fix the problem. :(


That is still not an argument. I'll agree with you when we are all convinced that we are all unable to fix this issue with a reasonable effort or when we come to the conclusion that Docutils is a problem by itself...sorry, but we are not at that point so far.





Otherwise it has to go.


No :-)


Wrong. Sorry, I'll invoke Pope if I have to.


Sorry Jim, that's weak. See above. I'll accept the decision of the Pope as long as it is comprehensible...so far it is not.


Maybe you aren't listening.


Tres came up with this sledge hammer because he has no confidence
in people's willingness to test and implement this feature properly.


I am fine with the sledge-hammer. I've never claimed that we need to support file insertion and raw support in any way. We don't need it, we can kick it.
But removing or disabling a feature because we are possibly incompetent would be just ridiculous.


I can live with the sledge hammer for Zope 2.  All I ask for is tests.

If there are tests for each way of invoking reST through the web that verify that file-inclusion isn't enabled, then it's alright with me if the sledge hammer is used to make the tests pass.  I won't tolerate an untested feature with so much security risk.


I'll also note that the sledgehammer might not itself be safe in the presence of the various reload products for Zope 3.  Would Tres' patch be defeated by reloading docutils.parsers.rst.directives.misc?  Is there a chance that a reload product could reload this module and undo the fix?  I dunno.  It is worrisome.

You seem to be the only one championing TTW reST.  Are you unwilling to write the tests necessary to keep it?  If so, it's hard to have any sympathy for your desire to keep it.


Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]  Python Powered!
CTO  (540) 361-1714  http://www.python.org
Zope Corporation  http://www.zope.com  http://www.zope.org



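Jim asks above for tests of each TTW path that verify file inclusion is off, and earlier in the thread notes that "you can test that trying to do file-inclusion fails". As an added example (not code from Zope, ZReST or docutils), the Python below puts that check in a reusable gate with constructed sample documents: HARDENED_SETTINGS uses docutils' real file_insertion_enabled and raw_enabled settings, while scan_rest, render_ttw, Finding and the sample paths are assumptions of this example.

```python
"""Pre-parse gate for reStructuredText submitted through the web (TTW).

Constructed example, not code from Zope, ZReST or docutils.  It gives a
testable answer to the thread's question "does any TTW path still allow
file inclusion?": every TTW reST path first runs through scan_rest(), and
the docutils call itself gets HARDENED_SETTINGS as settings_overrides.
"""
import re
from typing import List, NamedTuple

# docutils' own switches for the behaviour discussed in the thread.  Passed
# as settings_overrides to docutils.core.publish_parts, they disable
# ".. include::" and the :file:/:url: options of ".. raw::"
# (file_insertion_enabled) and the raw directive altogether (raw_enabled).
HARDENED_SETTINGS = {
    "file_insertion_enabled": False,
    "raw_enabled": False,
}


class Finding(NamedTuple):
    line: int        # 1-based line of the offending directive
    directive: str   # "include" or "raw"
    reason: str


_DIRECTIVE = re.compile(r"^(\s*)\.\.\s+(include|raw)::", re.IGNORECASE)
_OPTION = re.compile(r"^\s*:([\w-]+):")


def scan_rest(text: str, allow_inline_raw: bool = False) -> List[Finding]:
    """Return the directives that would read server files or remote URLs.

    The scan is deliberately conservative: a directive-looking line inside a
    literal block is reported too, so the gate can only refuse, never miss.
    With allow_inline_raw=True, ".. raw::" without :file:/:url: is tolerated
    (the ZWiki use case from the thread); by default it is reported as well.
    """
    lines = text.splitlines()
    findings: List[Finding] = []
    i = 0
    while i < len(lines):
        m = _DIRECTIVE.match(lines[i])
        if not m:
            i += 1
            continue
        indent = len(m.group(1))
        name = m.group(2).lower()
        # Collect the option block: lines indented deeper than the ".."
        # that look like ":name: value", ended by a blank or non-option line.
        options = set()
        j = i + 1
        while j < len(lines):
            line = lines[j]
            if not line.strip() or len(line) - len(line.lstrip()) <= indent:
                break
            om = _OPTION.match(line)
            if not om:
                break
            options.add(om.group(1).lower())
            j += 1
        external = options & {"file", "url"}
        if name == "include":
            findings.append(Finding(i + 1, name, "include reads a file from the server"))
        elif external:
            opts = ", ".join(":%s:" % o for o in sorted(external))
            findings.append(Finding(i + 1, name, "raw with %s pulls external content" % opts))
        elif not allow_inline_raw:
            findings.append(Finding(i + 1, name, "inline raw emits unescaped markup"))
        i = j
    return findings


# Constructed sample documents, one per way the directives can be misused.
BENIGN = "Title\n=====\n\nA paragraph with *emphasis* and a literal block::\n\n    not a directive\n"
INCLUDE = "Intro\n\n.. include:: /placeholder/path/on/server.txt\n"
RAW_FILE = ".. raw:: html\n   :file: /placeholder/path/fragment.html\n"
RAW_URL = ".. raw:: html\n   :url: http://example.invalid/fragment.html\n"
RAW_INLINE = ".. raw:: html\n\n   <b>inline markup</b>\n"


def render_ttw(text: str, allow_inline_raw: bool = False) -> str:
    """Refuse the document if the gate finds anything; otherwise render it.

    docutils is imported lazily so the gate itself is testable without it.
    """
    findings = scan_rest(text, allow_inline_raw)
    if findings:
        raise ValueError("rejected: " + "; ".join(
            "line %d: %s" % (f.line, f.reason) for f in findings))
    from docutils.core import publish_parts  # assumption: docutils is installed
    return publish_parts(text, writer_name="html",
                         settings_overrides=HARDENED_SETTINGS)["body"]


if __name__ == "__main__":
    for label, doc in [("benign", BENIGN), ("include", INCLUDE),
                       ("raw :file:", RAW_FILE), ("raw :url:", RAW_URL),
                       ("raw inline", RAW_INLINE)]:
        print(label, "->", scan_rest(doc) or "ok")
```

A regression suite for the TTW paths would feed each entry point (ZReST, the reStructuredText transform, ZWiki) these documents and assert that only BENIGN renders, which is the test the thread asks for.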


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Andreas Jung



--On 8. Juli 2006 09:53:47 -0400 Jim Fulton [EMAIL PROTECTED] wrote:


Maybe you aren't listening.


I am listening very well.




Tres came up with this sledge hammer because he has no confidence
in people's willingness to test and implement this feature properly.


I am fine with the sledge-hammer. I've never claimed that we need
to support file insertion and raw support in any way. We don't
need, we can kick it.
But removing or disabling a feature because we are possibly
incompetent would be just ridiculous.


I can live with the sledge hammer for Zope 2.  All I ask for is tests.

If there are tests for each way of invoking reST through the web that
verify that file-inclusion isn't enabled, then it's alright with me if
the sledge hammer is used to make the tests pass.  I won't tolerate an
untested feature with so much security risk.


Yes, someone has to write the tests at some time, soon. As I pointed out 
the risk is minimal for Zope-apps because you need to have access to the 
ZMI...so what are the security concerns in this case? And file inclusion won't work 
if the related code is stripped off...so what are your security concerns in 
this case?




I'll also note that the sledgehammer might not itself be safe in the
presence of the various reload products for Zope 3.  Would Tres' patch
be defeated by reloading docutils.parsers.rst.directives.misc?  Is there
a chance that a reload product could reload this module and undo the fix?
I dunno.  It is worrisome.




You seem to be the only one championing TTW reST?


I am only championing against crude removal of features and against a 
shortsighted perception.



Are you unwilling to write the tests necessary to keep it?


This is really not the point. As release manager I am allowed to speak up. 
But that does not imply I have to fix all and everything.



Andreas



Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 10:09 AM, Andreas Jung wrote:




--On 8. Juli 2006 09:53:47 -0400 Jim Fulton [EMAIL PROTECTED] wrote:

...

Tres came up with this sledge hammer because he has no confidence in people's willingness to test and implement this feature properly.


I am fine with the sledge-hammer. I've never claimed that we need
to support file insertion and raw support in any way. We don't
need, we can kick it.
But removing or disabling a feature because we are possibly
incompetent would be just ridiculous.


I can live with the sledge hammer for Zope 2.  All I ask for is tests.

If there are tests for each way of invoking reST through the web that verify that file-inclusion isn't enabled, then it's alright with me if the sledge hammer is used to make the tests pass.  I won't tolerate an untested feature with so much security risk.


Yes, someone has to write the tests at some time, soon.


Right. Before 2.10.

As I pointed out the risk is minimal for Zope-apps because you need  
to have access to the ZMI..


No, it's not.  Getting at arbitrary files is not acceptable from the  
ZMI.


so what are security concerns in this case? And file inclusion  
won't work if the related code is stripped off...so what are your  
security concerns in this case?


I am concerned by the lack of tests.  Whoever created the last hot  
fix was sure the problem was fixed.  They were wrong and we're paying  
the price.




I'll also note that the sledgehammer might not itself be safe in the
presence of the various reload products for Zope 3.  Would Tres' patch
be defeated by reloading docutils.parsers.rst.directives.misc?  Is there
a chance that a reload product could reload this module and undo the
fix?  I dunno.  It is worrisome.




You seem to be the only one championing TTW reST?


I am only a champion against crude removal of features and against
a shortsighted perception.


That doesn't deserve an answer.


Are you unwilling  to
write the tests necessary to keep it?


This is really not the point. As release manager I am allowed to  
speak up. But that does not imply I have to fix all and everything.


Yes, it really is the point. We've had a serious security failure due
to a lack of adequate testing.  This is not acceptable.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org



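Jim's reload worry above can be reproduced without touching docutils at all. What follows is an added example, not Zope or docutils code: a constructed stand-in for docutils.parsers.rst.directives.misc is written to a temporary directory and imported for real, so importlib.reload() re-executes its source exactly as a reload product would. The module name, the Include stand-in and the settings dictionary are assumptions made for the demonstration; the real directive consults the file_insertion_enabled setting in the same way.

```python
"""Why a monkeypatch-style fix can be undone by a module reload.

Added example.  A constructed stand-in replaces the real
docutils.parsers.rst.directives.misc so that it runs offline.
"""
import importlib
import os
import shutil
import sys
import tempfile
import textwrap

MODULE_NAME = "fake_directives_misc"   # assumed name for the stand-in module

# Constructed stand-in for the module that defines the Include directive.
# Like the real directive it consults a settings flag before reading a file.
FAKE_MISC_SOURCE = textwrap.dedent('''
    class Include:
        """Stand-in for the docutils Include directive."""

        def run(self, path, settings):
            if not settings.get("file_insertion_enabled", True):
                return '"include" directive disabled.'
            with open(path) as f:
                return f.read()
''')


def _load_stand_in():
    """Write the stand-in module plus a secret file to a temp dir and
    import the module for real, so importlib.reload() behaves exactly as
    it would on docutils.  Returns (module, secret_path, tmp_dir)."""
    tmp = tempfile.mkdtemp()
    with open(os.path.join(tmp, MODULE_NAME + ".py"), "w") as f:
        f.write(FAKE_MISC_SOURCE)
    secret = os.path.join(tmp, "secret.txt")
    with open(secret, "w") as f:
        f.write("contents of a file the web user must never see")
    sys.path.insert(0, tmp)
    sys.modules.pop(MODULE_NAME, None)
    importlib.invalidate_caches()
    return importlib.import_module(MODULE_NAME), secret, tmp


def _cleanup(tmp):
    """Forget the stand-in module and delete the temp dir."""
    sys.modules.pop(MODULE_NAME, None)
    if tmp in sys.path:
        sys.path.remove(tmp)
    shutil.rmtree(tmp, ignore_errors=True)


def sledgehammer_then_reload():
    """Fix by replacing Include.run on the live module, then reload.
    Returns (output before reload, output after reload)."""
    misc, secret, tmp = _load_stand_in()
    try:
        misc.Include.run = lambda self, path, settings: "include removed"
        before = misc.Include().run(secret, {})
        importlib.reload(misc)      # re-executes the module source in place
        after = misc.Include().run(secret, {})
    finally:
        _cleanup(tmp)
    return before, after


def settings_then_reload():
    """Fix by passing file_insertion_enabled=False at render time, then
    reload.  Nothing in the module carries the fix, so reload cannot undo it."""
    misc, secret, tmp = _load_stand_in()
    settings = {"file_insertion_enabled": False}
    try:
        before = misc.Include().run(secret, settings)
        importlib.reload(misc)
        after = misc.Include().run(secret, settings)
    finally:
        _cleanup(tmp)
    return before, after


if __name__ == "__main__":
    print("monkeypatch:", sledgehammer_then_reload())
    print("settings:   ", settings_then_reload())
```

A reload rebuilds the module namespace from its source, so a fix that replaces or deletes attributes of the loaded module is gone afterwards, while a fix carried by the settings passed in at render time survives because no module state holds it. Editing the code on disk, as Tres' patch does, also survives a reload, but only as long as the patched copy is the one found on sys.path.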


The hotfix that isn't? (was: Re: [Zope-dev] 2.9.4? reStructuredText support?)

2006-07-08 Thread Sidnei da Silva
Just to make matters clear, when you say 'the last hotfix' Jim, do
you mean the Hotfix-20060705?

I ask because I'm about to roll a hotfix installer for Plone and if
there's an issue with that one I can hold back the installer.

-- 
Sidnei da Silva
Enfold Systemshttp://enfoldsystems.com
Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Tino Wildenhain
...

 You seem to be the only one championing TTW reST?

 I am only a champion against crude removal of features and against a
 shortsighted perception.

I'm for keeping it (or something like it) too.

 That doesn't deserve an answer.
 
 Are you unwilling  to
 write the tests necessary to keep it?

 This is really not the point. As release manager I am allowed to speak
 up. But that does not imply I have to fix all and everything.
 
 Yes, it really is the point. We've had a serious security failure due to
 a lack
 of adequate testing.  This is not acceptable.

You mean auditing. Testing would not help imho. Testing
only checks if expected behavior still works. And nobody
expects the Spanish Inquisition *wink* ;)

Regards
Tino


Re: The hotfix that isn't? (was: Re: [Zope-dev] 2.9.4? reStructuredText support?)

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 12:05 PM, Alec Mitchell wrote:


On 7/8/06, Sidnei da Silva [EMAIL PROTECTED] wrote:
Just to make matters clear, when you say 'the last hotfix' Jim, do
you mean the Hotfix-20060705?

I ask because I'm about to roll a hotfix installer for Plone and if
there's an issue with that one I can hold back the installer.


It looks to me like the only issue with it is the lack of tests.  The
inadequate hotfix appears to be one from last fall which attempted to
address the same issue.


Right

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 11:32 AM, Tino Wildenhain wrote:


...



You seem to be the only one championing TTW reST?


I am only a champion against crude removal of features and against
a shortsighted perception.


I'm for keeping it (or something like it) too.


Are you volunteering to do a decent job of maintaining it?


That doesn't deserve an answer.


Are you unwilling  to
write the tests necessary to keep it?


This is really not the point. As release manager I am allowed to speak
up. But that does not imply I have to fix all and everything.


Yes, it really is the point. We've had a serious security failure due to
a lack of adequate testing.  This is not acceptable.


You mean auditing. Testing would not help imho. Testing
only checks if expected behavior still works. And nobody
expects the Spanish Inquisition *wink* ;)


You can test that trying to do file-inclusion fails.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org



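Jim's "test that file inclusion fails" can be made regression-proof in code. What follows is an added example, not Zope or docutils code: a scanner that refuses, before rendering, any through-the-web reST using a directive outside an allowlist, so include, raw and whatever file-reading directive a future docutils release adds are rejected together (which also answers Tino's point, later in this thread, that a test only catches the holes we already know about). The allowlist, the Finding type and the function names are assumptions; docutils' own switches for the same thing are the file_insertion_enabled and raw_enabled settings, which this scanner complements rather than replaces.

```python
"""Allowlist scanner for reStructuredText that will be rendered TTW.

Added example, not Zope or docutils code.  Mirrors docutils' own rule
for recognising a directive (".. name::" with at most one space before
the "::", names case-insensitive, ".. |sub| name::" for substitutions)
and refuses anything that is not on an explicit allowlist.
"""
import re
from typing import List, NamedTuple

# Assumed allowlist: directives a TTW document may use.  Note what is
# absent: include, raw, and every other directive that reads a file or URL.
ALLOWED_DIRECTIVES = frozenset({
    "note", "warning", "tip", "hint", "important", "attention", "caution",
    "danger", "error", "admonition", "topic", "sidebar", "rubric",
    "epigraph", "highlights", "pull-quote", "compound", "container",
    "contents", "sectnum", "section-numbering", "header", "footer",
    "image", "figure", "table", "list-table", "csv-table",
    "code", "math", "class", "role", "default-role", "replace",
    "unicode", "date", "title", "meta", "parsed-literal", "line-block",
})

# Options that make an otherwise harmless directive read from disk or the
# network (csv-table accepts :file: and :url:).
FILE_OPTIONS = frozenset({"file", "url"})

_DIRECTIVE = re.compile(
    r"^(?P<indent>[ \t]*)\.\.[ \t]+(?:\|[^|]+\|[ \t]+)?"   # ".. " or ".. |sub| "
    r"(?P<name>[\w][\w.+:-]*?)[ ]?::(?:[ \t]+|$)"          # "name::" + space/EOL
)
_OPTION = re.compile(r"^[ \t]*:(?P<opt>[\w-]+):(?:[ \t]|$)")


class Finding(NamedTuple):
    line: int       # 1-based line number in the source
    reason: str
    text: str


def find_unsafe_directives(source: str) -> List[Finding]:
    """Return one Finding per directive or option that is not allowed."""
    findings = []
    lines = source.expandtabs(8).splitlines()   # docutils expands tabs too
    block_indent = None   # indent of the directive whose option block we are in
    for n, line in enumerate(lines, 1):
        m = _DIRECTIVE.match(line)
        if m:
            name = m.group("name").lower()
            if name not in ALLOWED_DIRECTIVES:
                findings.append(Finding(n, "directive not allowed: " + name,
                                        line.strip()))
            block_indent = len(m.group("indent"))
            continue
        if block_indent is None:
            continue
        stripped = line.strip()
        indent = len(line) - len(line.lstrip(" "))
        opt = _OPTION.match(line)
        # The option block is the run of ":name:" lines directly under the
        # directive; a blank line, a dedent or a non-option line ends it.
        if not stripped or indent <= block_indent or opt is None:
            block_indent = None
            continue
        if opt.group("opt").lower() in FILE_OPTIONS:
            findings.append(Finding(n, "file/url option: " + opt.group("opt"),
                                    stripped))
    return findings


def is_safe_for_ttw(source: str) -> bool:
    """True when the document uses only allowed directives and options."""
    return not find_unsafe_directives(source)


if __name__ == "__main__":
    # Constructed sample input, not taken from any real site.
    sample = (
        ".. note::\n\n   Patch your ZMI.\n\n"
        ".. INCLUDE :: /etc/passwd\n\n"
        ".. |evil| raw:: html\n\n   <script>alert(1)</script>\n\n"
        ".. csv-table:: users\n   :file: /etc/passwd\n"
    )
    for f in find_unsafe_directives(sample):
        print("line %d: %s (%s)" % f)
```

The scanner is deliberately conservative: a literal block whose lines happen to start with ".. include::" is refused as well, and a csv-table that passes :file: or :url: is refused because docutils reads those from disk or the network too. Run it on every TTW render path (and in a unit test that feeds it an include of a known file), so that a hotfix which merely strips code can no longer silently regress.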


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 10:41 AM, Andreas Jung wrote:




--On 8. Juli 2006 10:16:30 -0400 Jim Fulton [EMAIL PROTECTED] wrote:


Yes, someone has to write the tests at some time, soon.


Right. Before 2.10.


...so we have some time...


Sadly, but that's a different problem.




As I pointed out the risk is minimal for Zope-apps because you need
to have access to the ZMI..


No, it's not.  Getting at arbitrary files is not acceptable from  
the  ZMI.


...which won't be possible with *removed* file inclusion code...


Good, write some tests and prove it.


so what are security concerns in this case? And file inclusion
won't work if the related code is stripped off...so what are your
security concerns in this case?


I am concerned by the lack of tests.  Whoever created the last hot fix
was sure the problem was fixed.  They were wrong and we're paying the
price.


This can happen all the time. A problem in the release process does  
not justify the removal of a feature until we have tried our best to  
solve the problem. Use the sledge hammer as a last resort.


The problem in the release process was an inattention to
basic process.  This is unacceptable in a security-related issue.


You seem to be the only one championing TTW reST?


I am only a champion against crude removal of features and against
a shortsighted perception.


That doesn't deserve an answer.


Sorry for being harsh but the lack of tests after two days is really not
an appropriate approach.


Who said anything about 2 days?  I said we need tests and
we need someone to be responsible for this feature or we'll have to drop
the feature.  I didn't say we had to drop it right this second.





Are you unwilling  to
write the tests necessary to keep it?


This is really not the point. As release manager I am allowed to
speak up. But that does not imply I have to fix all and everything.


Yes, it really is the point.


No, it is not. I haven't worked on the hotfix...so why would it be
up to me to write tests?


It's not.  The person who *did* write the hot-fix didn't want the  
feature in the first place.  Tres stepped up and helped us in an  
emergency. I imagine that he isn't signing up to maintain the feature.



I don't want to blame Tres...he was doing his best in the  
situation...but this is totally unrelated to whether I would be unwilling  
to write tests in this case.


That's fine.

I would have helped but it was late evening and at some point you  
need some sleep...


That's fine too.  I know it was late and you tried to help.  You were  
there and helping and I appreciate it.  I really do. A lot. So, we're  
past the emergency -- we hope.


The problem is that we have a feature with an implementation that is  
a security risk.  We have a feature that doesn't seem to have a  
champion -- because no one is willing to come forward and maintain it  
properly.  In that case, the feature is orphaned and we have to get  
rid of it.  It is too risky to keep it under the circumstances.


I'm perfectly willing to keep it if someone takes responsibility.   
That hasn't happened yet.


Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Andreas Jung



--On 8. Juli 2006 14:37:06 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



On Jul 8, 2006, at 11:32 AM, Tino Wildenhain wrote:


...



You seem to be the only one championing TTW reST?


I am only a champion against crude removal of features and against
a shortsighted perception.


I'm for keeping it (or something like it) too.


Are you volunteering to do a decent job of maintaining it?


During the keep-or-don't-keep-zclasses discussion you said something like
not every package needs a maintainer in order to keep it in the zope core.
I think this applies here as well.

Andreas



Re: The hotfix that isn't? (was: Re: [Zope-dev] 2.9.4? reStructuredText support?)

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 10:53 AM, Sidnei da Silva wrote:


Just to make the matters clear, when you say 'the last hotfix' Jim, do
you mean the Hotfix-20060705?


No, I was referring to the one before that.  The November '0f
hot fix purported to solve the same problem.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Jim Fulton


On Jul 8, 2006, at 2:47 PM, Andreas Jung wrote:




--On 8. Juli 2006 14:37:06 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



On Jul 8, 2006, at 11:32 AM, Tino Wildenhain wrote:


...



You seem to be the only one championing TTW reST?


I am only a champion against crude removal of features and against
a shortsighted perception.


I'm for keeping it (or something like it) too.


Are you volunteering to do a decent job of maintaining it?


During the keep-or-don't-keep-zclasses discussion you said
something like not every package needs a maintainer in order to keep
it in the zope core.

I think this applies here as well.


1. ZClasses are not a security threat. reST is. That's a huge  
difference.


2. This event illustrates that I was wrong.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Andreas Jung



--On 8. Juli 2006 14:42:31 -0400 Jim Fulton [EMAIL PROTECTED] wrote:


This can happen all the time. A problem in the release process does
not justify the removal of a feature until we have tried our best to
solve the problem. Use the sledge hammer as a last resort.


The problem in the release process was an inattention to
basic process.  This is unacceptable in a security-related issue.


This can happen all the time; it should not happen...but it happened
(likely because the private emails around this issue caused a lot of trouble
and noise).


You seem to be the only one championing TTW reST?


I am only a champion against crude removal of features and against
a shortsighted perception.


That doesn't deserve an answer.


Sorry for being harsh but the lack of tests after two days is
really not
appropriate approach.


Who said anything about 2 days.  I said we need tests and
we need someone to be responsible for this feature or we'll have to drop
the feature.  I didn't say we had to drop it right this second.


It sounded to me that way..


Are you unwilling  to
write the tests necessary to keep it?


This is really not the point. As release manager I am allowed to
speak up. But that does not imply I have to fix all and everything.


Yes, it really is the point.


No, it is not. I haven't worked on the hotfix...so why would it be
up to me
write tests?


It's not.  The person who *did* write the hot-fix didn't want the
feature in the first place.  Tres stepped up and helped us in an
emergency. I imagine that he isn't signing up to maintain the feature.


When you talk of the feature...you mean file inclusion? This feature was 
not supposed to be there. It was never a goal of reST to provide this 
feature. So Tres' solution (removing the code) is perfectly fine.


There are a lot of modules where we don't want to take over as maintainer.
The important thing is that we have clever ppl who understand the code and 
can deal with such problems in such a case.






The problem is that we have a feature with an implementation that is  a
security risk.  We have a feature that doesn't seem to have a  champion
-- because no one is willing to come forward and maintain it  properly.
In that case, the feature is orphaned and we have to get  rid of it.  It
is too risky to keep it under the circumstances.

I'm perfectly willing to keep it if someone takes responsibility.   That
hasn't happened yet.



See above...it's not a question of general responsibility...it's a question 
of taking over the responsibility for a particular problem in particular
situation...of course maintainers for modules are highly welcome...things 
are as they are in the Zope 2 world...


Andreas




Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Andreas Jung



--On 8. Juli 2006 15:05:21 -0400 Jim Fulton [EMAIL PROTECTED] wrote:


I think this applies here as well.


1. ZClasses are not a security threat. reST is. That's a huge  difference.


Being a security threat or not ...how will you prove that a module X is a 
threat or not? Without source code review every module has the potential
to be a threat. I would never claim that the modules I've written or 
maintain in some way are totally safe...





2. This event illustrates that I was wrong.



Possibly, but a lot of modules were written by ppl that are no longer 
active in the community and a lot of these modules are real cruft that 
nobody wants to touch (and that few ppl understand). For the time being 
we have to live with this situation in the Zope 2 world. The only way out 
is to replace more and more code with Zope 3 modules, which is actually 
happening.


So what does it mean to be a maintainer of a package?

A maintainer has to keep the code in shape and should of course care about 
security issues. But a maintainer might have a different view on security 
than you...so how to get out of this dilemma? Code audits? They would help 
but you know how much time they take (impractical for most code if you ask 
me).  The current unofficial code auditing by watching the checkin lists 
seems to work to a certain degree (perhaps not directly related to security 
issues but to wrong code in general). Getting maintainers for Zope core 
packages is even harder than some yrs ago when the Zope community 
wasn't split up as it is today (CPS, Zope3, Zope2, Plone, CMF). The common 
view on the Zope 2 core seems to be "it works, it's cruft, don't touch 
it"...and ppl prefer to put their hands on other stuff outside the Zope 2 
core. I am realistic enough to see that this won't change in the near 
future.


Andreas





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread dieter
Andreas Jung wrote at 2006-7-8 14:12 +0200:
 ...  removing TTW reST ...

[Andreas]

In addition I don't see a big problem for Zope-only(!) apps.

Of course, you must also consider applications built on top
of Zope -- such as ZWiki and Plone. They, too, need to be
protected.

[Jim] ... retain only when someone takes responsibility ...
 Otherwise it has to go.

[Andreas]

No :-)

This time, I am on your side, Andreas :-)

I agree with you that a feature (file/url inclusion code)
physically removed from the shipped code can be considered no longer
causing security risks -- even without extensive tests.

I also agree with you that this is preferable to dropping reST
altogether (despite the fact that I personally do not use it).


Of course, an artistically set Python path could cause Python's docutils
to be used -- but hey, that's then a locally caused problem.



-- 
Dieter


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-08 Thread Tino Wildenhain
Jim Fulton wrote:
 
...
 You mean auditing. Testing would not help imho. Testing
 only checks if expected behavior still works. And nobody
 expects the Spanish Inquisition *wink* ;)
 
 You can test that trying to do fil-inclusion fails.
 

For example, if I were the one who had written
the naive test, I would not have known a file inclusion
feature even exists or is supposed to be exposed to
reST. So my test would not have tested it. So we would have had
perfectly good tests for all the reST things we want and
expect, but the hole would exist anyway.

To cut a long story short, I guess the current
fix can work, or there can be other holes
(which we would constantly be unaware of, no matter
how many tests tell us the file inclusion does
not work anymore).

So whats the solution? Audit of the docutils
package? Putting it into restricted environment
like the other template engines?

Inclusion of own docutils like, but audited
code?

Regards
Tino


[Zope-dev] 2.9.4? reStructuredText support?

2006-07-07 Thread Jim Fulton


I think we should do a 2.9.4 release to incorporate the recent hot fix.
This is easy for me to say, since I won't be doing it. :)

Because this recent fix actually fixed the same problem that the
previous hot fix was supposed to fix, I think someone needs to work up
some decent tests.  This is not a trivial task, but it is necessary.  If
no one is willing to do this, I think we need to drop the TTW
reStructuredText support from Zope 2, as it is too great a risk.

BTW, I suspect that a less violent patch could be created, if
anyone wants to champion TTW reStructuredText support in
Zope 2.  Personally, I'm for dropping it.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-07 Thread Chris Withers

Jim Fulton wrote:


BTW, I suspect that a less violent patch could be created, if
anyone wants to champion TTW reStructuredText support in
Zope 2.  Personally, I'm for dropping it.


+1 on dropping it completely, but then I hate all types of structured 
text so I doubt I'm in the majority...


Chris

--
Simplistix - Content Management, Zope  Python Consulting
   - http://www.simplistix.co.uk


Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-07 Thread Jim Fulton


On Jul 7, 2006, at 12:17 PM, Stefan H. Holek wrote:

Tres' patch (removing 'include' and 'raw' altogether) looks fairly  
low on violence to me. No reason to drop reST from Zope, IMO.


Well, I wouldn't want to apply the patch for Z3, as we use
reST on the file system and include and raw have legitimate uses.
In fact, I think include and maybe even include of system files
could have use in some TTW applications.  In fact, Tres' patch
would make it hard for a well-written 3rd-party Zope 2 app
to use raw in a legitimate way.

Don't get me wrong. I like Tres' patch. It was absolutely
the best patch for the situation at hand.

Jim

--
Jim Fulton  mailto:[EMAIL PROTECTED]Python 
Powered!
CTO (540) 361-1714  
http://www.python.org
Zope Corporationhttp://www.zope.com http://www.zope.org





Re: [Zope-dev] 2.9.4? reStructuredText support?

2006-07-07 Thread Andreas Jung



--On 7. Juli 2006 11:03:06 -0400 Jim Fulton [EMAIL PROTECTED] wrote:



I think we should do a 2.9.4 release to incorporate the recent hot fix.
This is easy for me to say, since I won't be doing it. :)

Because this recent fix actually fixed the same problem that the
previous hot fix was supposed to fix, I think someone needs to work up
some decent tests.  This is not a trivial task, but it is necessary.  If
no one is willing to do this, I think we need to drop the TTW
reStructuredText support from Zope 2, as it is too great a risk.



Dropping TTW reST is absolutely not an option. It breaks backward 
compatibility.



BTW, I suspect that a less violent patch could be created, if
anyone wants to champion TTW reStructuredText support in
Zope 2.  Personally, I'm for dropping it.


Tres' patch is looking fine to me. I don't see a need right now for 
dropping reST with file inclusion *removed*.


-aj
