Zope Weekly News - Wed, 5 Jan 2000
Thu, 06 Jan 00 21:52:10 GMT
Zope Weekly News is a digest of some of the useful and interesting
events which have occurred on the various Zope mailing lists and the
Zope.org site. It is published each Wednesday evening.
Any opinions contained in the Zope Weekly News are those of the
* A security hole has been found and patched. The problem, found
thanks to Kevin Littlejohn's efforts, affects those sites which
make their Zope management interface available to untrusted users.
All Zope users are encouraged to read the announcement and update
their Zope installation. Patches are available for both 2.x and
This patch forced two new Zope releases, 2.1.2 and 1.10.4.
* Jephte CLAIN has released a new NT Domain authenticator:
jcNTUserFolder. Jephte's Product differs from "htrd"'s in that
roles are given through the web and impersonation is not used.
* "Drew" updated the Photo Product. Photo resizes images to the
user's preferred size. The present version is 0.1.0.
* "vladap" updated the mysqlUserFolder Product. This update fixes a
folder creation bug. mysqlUserFolder allows you to authenticate
users with data stored in a mysql database. It also allows you to
store arbitrary per-user data, and it supports HTTP and
cookie-based authentication schemes. The present version is
* Jephte CLAIN has also released two patches, one to the MIME tag,
and one to the import/export system.
The MIME patch adds *_expr versions of the type, disposition,
encode and name attributes of the MIME tag. These allow you to
evaluate an expression for the value of the attribute rather than
specifying a literal value. The patch also adds the attributes
filename and filename_expr to the tag. These attributes supply
hints that the client will use to determine the file's name.
The import/export patch allows you to import objects through the
web instead of having to place files on the filesystem.
* "phd" released an update to the mod_pcgi2 package. This update
adds a PCGI_ROOT command for virtual hosting. mod_pcgi2 is an
Apache module which moves the PCGI client into Apache's address
space, preventing the need to start a new process to avoid the
"fork tax". The present version is 0.2.0.
* "Gregor" had some quibbles with a couple aspects of Zope's user
interface. He wrote and submitted a How-To describing how to
prevent the "Powered by Zope" link from opening in a frame, and
how to make the Zope document editing TEXTAREA soft-wrap.
* Olivier Deckmyn <email@example.com> has just started
what stands to be an interesting thread for those wishing to take
the first step developing Zope applications. Olivier has a set of
classes which implement the logic of the application he wishes to
produce. He is looking for advice on how to move from a set of
standalone objects to a Zope application.
* To ring in the new year, Wei Tao <firstname.lastname@example.org> started a
Zope wishlist thread. Got a wish, rant or suggestion? Chime in.
* A thread significant to Product developers: Martijn Faassen
<email@example.com> desires to develop a set of Product
standards. He points out that there are some rather arcane things
that one has to do to produce a well-behaved Zope Product, but
that many people do not know what they are and even those who do
know do not always know _why_ ("voodoo programming"). Martijn
makes a number of suggestions to rectify this problem. Chris
McDonough graciously offers to contribute some effort to the cause.
----------- comp.lang.python.announce (moderated) ----------
Article Submission Address: firstname.lastname@example.org
Python Language Home Page: http://www.python.org/
Python Quick Help Index: http://www.python.org/Help.html