Hello all - We have recently become aware of two important security issues that managers of Zope sites need to be aware of. Please see the overview at: http://www.zope.org/Members/jim/ZopeSecurity/TrojanIssueOverview for further details. Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com
Uhmm; what about this idea? On every action-selection (management) menu, for example, the contents view of a folder; generate a (fairly or completely) random key. action-selection menu: Menu from where actions can be performed, i.e. DTMLMethods deleted, etc. This value gets stored in some sort of table, and expires after x*n minutes. In the table there's a reference to where the key was generated and by whom. Now, when somebody deletes something, the random key is checked against the table.. This could be a good idea... This isn't a well formulated idea, simply a spark of Zen (or something) =).. -Morten
participants (2)
-
Brian Lloyd -
Morten W. Petersen