On Fri, 8 Nov 2002, Craeg K Strong wrote:
OK
How about this for the TODO list for ExternalFile:
Hope it isn't too late discussing this issue. I have tested this product and gave up because of security considerations. And now I have to use it for large files. There is another aspect that this discussion so far has not reached, multi-users, regardless of what mechanism is going to be used. Say my Zope system provides virtual hosting for webmasters (or users in my point of view) of different websites. Not all webmasters want their ExternalFile-linked file be freely accessed to the public. So how if a webmaster links a file belonging to another website? I have an idea, but don't know whether it is possible: set uid. If there is a way Zope server can change uid to a predefined one before accessing an externally linked file, each webmaster will have permission to their own home directory plus some shared directories to which all webmasters have permission. Then I can create system accounts for each webmaster, and map them to the Zope users using a product like SystemUserFolder (is there one?) And if also add the 'jail' option (or chroot to the the webmasters home directory), it will be perfect. Back one step, even there is no way to actually change the uid, we can at least check again it before adding an external file. I'm talking about Unix, I think their are eqivalent way on Windows NT. BTW, I think a similar product, ZFS, is facing the same securiy issue. Wei He