Driving Enterprise Python – Patches, Plug-ins, Outlines

A number of enterprise devs have pushed Python’s state of the art forward in the last few weeks. Notably, Python has a new patch for a particularly sneaky security vulnerability, better support for new logging modules, and even an upgraded documentation tool and programmers’ editor.

In this Python wrap, OET provides devs a quick tour, links for code downloads, FAQs and forums.

Security — A buffer overflow in Python 2.2’s getaddrinfo() function was discovered earlier this week by Sebastian Schmidt. If Python 2.2 is built without IPv6 support, an attacker could configure their name server to let a hostname resolve to a special IPv6 address, which could contain a memory address where shellcode is placed. This problem does not affect Python versions prior to 2.2 or versions 2.2.2+, and it also doesn’t exist if IPv6 support is enabled. Python with the patch is available here. For more background on the problem, go to the MandrakeSoft Security Advisory.
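A general defensive pattern for the situation described above, as an added example (it is not Python's socket module source or the actual patch): an IPv4-only code path checks the address family and length the resolver reports before copying the answer into a fixed-size field. The names `copy_ipv4_answer`, `run_sample` and the `sample_*` helpers are hypothetical, and the sample answers are constructed.

```c
#include <stdio.h>
#include <string.h>
#include <netdb.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Hypothetical helper: copy the first address of a resolver answer into an
   IPv4 sockaddr. Returns 0 on success, -1 if the answer is not a well-formed
   IPv4 record. */
int copy_ipv4_answer(const struct hostent *hp, struct sockaddr_in *out)
{
    if (hp == NULL || out == NULL || hp->h_addr_list == NULL ||
        hp->h_addr_list[0] == NULL)
        return -1;
    /* The name server, not the caller, controls family and length. */
    if (hp->h_addrtype != AF_INET)
        return -1;
    if (hp->h_length != (int)sizeof(out->sin_addr))
        return -1;
    memset(out, 0, sizeof(*out));
    out->sin_family = AF_INET;
    /* Copy a fixed 4 bytes, never the length the answer claims. */
    memcpy(&out->sin_addr, hp->h_addr_list[0], sizeof(out->sin_addr));
    return 0;
}

/* Build a constructed resolver answer and run it through the check. */
static int run_sample(int family, int length, unsigned char *bytes)
{
    char *list[2];
    struct hostent he;
    struct sockaddr_in sin;
    list[0] = (char *)bytes;
    list[1] = NULL;
    memset(&he, 0, sizeof(he));
    he.h_addrtype = family;
    he.h_length = length;
    he.h_addr_list = list;
    return copy_ipv4_answer(&he, &sin);
}

/* Constructed samples: an IPv6 answer, an IPv4 answer, and a 16-byte
   answer mislabelled as IPv4. */
int sample_ipv6_answer(void) { unsigned char a[16] = {0x20, 0x01, 0x0d, 0xb8}; return run_sample(AF_INET6, 16, a); }
int sample_ipv4_answer(void) { unsigned char a[4] = {192, 0, 2, 1}; return run_sample(AF_INET, 4, a); }
int sample_mislabelled(void) { unsigned char a[16] = {0}; return run_sample(AF_INET, 16, a); }

int main(void)
{
    printf("ipv6=%d ipv4=%d mislabelled=%d\n", sample_ipv6_answer(),
           sample_ipv4_answer(), sample_mislabelled());
    return 0;
}
```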

Logging — The logging module, new in Python 2.3, defines functions and classes which implement a flexible error logging system for applications. Richard Jones, creator and manager of the PyPI (Python Package Index) catalog of third-party Python packages, posts in his blog that some “are confused by its complexity and inaccessible documentation.” Jones has put out some practical advice on Python’s new logging at SourceForge to help the perplexed.

His advice: Please consider adding a simpler interface for people who just want to log to a file:



  import logging
  logger = logging.open('/var/log/myapp.log')

which does the equivalent of:

  import logging
  logger = logging.getLogger('')
  hdlr = logging.FileHandler('/var/log/myapp.log')
  formatter = logging.Formatter('%(asctime)s %(levelname)s %(message)s')
  hdlr.setFormatter(formatter)
  logger.addHandler(hdlr)
  logger.setLevel(logging.INFO)

which is what I expect most users will want when they first see this module. If they then want to mess around with additional handlers, or different formatting or whatever, then they can read the reference doc.

For more on Python suggestions and code, see Richard Jones’ blog. Get documentation and suggested uses for Python 2.3’s new logging module here.

Code Management, Documentation — Edward K Ream has released Leo 4.1, a multi-functional outline editor that supports literate programming in Python and Tk/tcl.

Leo includes: (1) a flexible browser, (2) a literate programming tool, (3) a data organizer and project manager, (4) fully scriptable capabilities using Python, and (5) a portable framework designed to run on any platform with Python and Tk/tcl. The new release reflects more than four months of upgrade work and adds new plug-ins.

Ream, who uses Leo to improve efficiencies in his programming contract work, states: “I consider that my coders are 15 to 30 percent more efficient in their daily operations than my competition’s people. This indefensible claim of mine is based on the changes in my productivity as Leo grew from a test document production tool to the primary production method for all our assembly, c and cpp source code.” Key to that statement is that many of his projects apply Python in complex, multi-platform enterprise environments.

“In [Leo files] are contained all the known issues for the code, each issue arranged in its own clone section. One clone section groups together every routine, variable or type definition that must change between different versions of Windows. These sections could be from six different c source files, two assembly files, and eight .h files,” Ream said.

Ream offers the following highlights list for Leo 4.1: runs in batch mode when invoked with --script; supports Unicode characters in path names; @directives and section references are now valid when executing scripts; @ignored and orphan nodes now valid in @file-nosent trees; script-based find/change commands; Check Outline command; Hoist and DeHoist commands; a new GUI-agnostic architecture; several new configuration settings; many new unit tests; a host of bug fixes.