[Modeling-cvs] ZModeling/ZModelizationTool README,1.2,1.3 __init__.py,1.3,1.4
Status: Abandoned
Brought to you by:
sbigaret
Menu
▾
▴
[Modeling-cvs] ZModeling/ZModelizationTool README,1.2,1.3 __init__.py,1.3,1.4
|
From: <sbi...@us...> - 2003-09-07 14:04:56
|
Update of /cvsroot/modeling/ZModeling/ZModelizationTool
In directory sc8-pr-cvs1:/tmp/cvs-serv8712/ZModelizationTool
Modified Files:
README __init__.py
Log Message:
Updated security warning message
Index: README
===================================================================
RCS file: /cvsroot/modeling/ZModeling/ZModelizationTool/README,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** README 7 Sep 2003 13:51:43 -0000 1.2
--- README 7 Sep 2003 14:04:52 -0000 1.3
***************
*** 26,30 ****
environment may be a security hole.
! Moreover, you probably do not want to leave a product in a production
! environment which may have the ability to drop and recreate a database, for
! example.
--- 26,30 ----
environment may be a security hole.
! Moreover, you probably do not want to leave in a production
! environment a product whose instances may have the ability to drop and
! recreate a database, for example.
Index: __init__.py
===================================================================
RCS file: /cvsroot/modeling/ZModeling/ZModelizationTool/__init__.py,v
retrieving revision 1.3
retrieving revision 1.4
diff -C2 -d -r1.3 -r1.4
*** __init__.py 7 Sep 2003 13:51:43 -0000 1.3
--- __init__.py 7 Sep 2003 14:04:53 -0000 1.4
***************
*** 30,34 ****
def initialize(context):
! warning="Please do not leave the ZModelizationTool product in a production environment, especially now that it can load PyModel: PyModels are evaluated through an exec statement, hence leaving this product in a production environment may be a security hole\n"
zLOG.LOG('ZModelizationTool', zLOG.WARNING, 'Reminder: Security Warning', warning)
context.registerClass(
--- 30,34 ----
def initialize(context):
! warning="Please do not leave the ZModelizationTool product in a production environment, especially now that it can load PyModel: PyModels are evaluated through an exec statement, hence leaving this product in a production environment may be a security hole. Another reason is that you probably do not want to leave in a production environment a product whose instances may have the ability to drop and recreate a database, for example.\n"
zLOG.LOG('ZModelizationTool', zLOG.WARNING, 'Reminder: Security Warning', warning)
context.registerClass(
|
