* Andy McKay <[EMAIL PROTECTED]> [010924 01:11]:
> Haven't we been complaining about this automatic appending of tracebacks for
> a while? To me this is what log files are for.... but Im not sure what this
> guy is on. I wouldnt count this as a "security vulnerability".
It's not an exploitable vulnerability (which is the only sort of
vulnerability in my book ;) but it's as ugly as a warthog, and it would
be nice to arrange things more gracefully.
seb
>
> ----- Original Message -----
> From: "Chris Withers" <[EMAIL PROTECTED]>
> To: "Paul Everitt" <[EMAIL PROTECTED]>; "ALife" <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Sent: Sunday, September 23, 2001 10:44 AM
> Subject: Re: [Zope-dev] Vulnerability in Zope
>
>
> > > Do others consider this a vulnerability?
> >
> > Yup... especially given the hard-coded (sigh) error page returned for
> > authentication error gives out this information :-(
> >
> > Chris
> >
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
