zope3 lacks security declaration for StringIO.StringIO
Bug #5133 reported by
Guilherme Salgado
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Launchpad itself |
Fix Released
|
Low
|
Colin Watson | ||
Zope 3 |
Invalid
|
Undecided
|
Unassigned |
Bug Description
We need this declaration, otherwise we can't make any use of security-proxied objects of this type
For now, this declaration will be in launchpad/webapp/bug-5133.zcml. Please remove it when this bug is fixed.
Related branches
~cjwatson/launchpad:py3-io-security
Merged
into
launchpad:master
- Thiago F. Pappacena (community): Approve
-
Diff: 31 lines (+0/-15)2 files modifieddev/null (+0/-14)
lib/lp/services/webapp/configure.zcml (+0/-1)
Changed in launchpad: | |
assignee: | nobody → stub |
description: | updated |
Changed in launchpad: | |
assignee: | stub → launchpad-infrastructure |
Changed in launchpad: | |
importance: | Medium → Low |
summary: |
- zope3 should have security declaration for StringIO.StringIO + zope3 lacks security declaration for StringIO.StringIO |
Changed in launchpad: | |
status: | Triaged → In Progress |
assignee: | nobody → Colin Watson (cjwatson) |
To post a comment you must log in.
Guilherme Salgado wrote: /launchpad. net/malone/ bugs/5133
> Public bug report changed:
> https:/
>
> Changed in: Launchpad (upstream)
> Assignee: (unassigned) => Stuart Bishop
Hmm... Zope3 doesn't use cStringIO because it isn't Unicode aware. Are you
using it in a safe way?
-- www.canonical. com/ www.ubuntu. com/
Stuart Bishop <email address hidden> http://
Canonical Ltd. http://