On Wed, 2003-09-24 at 10:32, Edward Pollard wrote:
The project heirarchy basically looks like this:
/root index.html otherfiles.html /queries all Z SQL Methods /scripts all python scripts
The problem as I percieve it is that you can feed my Z SQL Methods and python scripts any input you want if you know what they are called.
Assuming you haven't taken any measures to prevent that, yes.
This is bad. Security via Obscurity is not secure.
Sure isn't.
Anyone with better thoughts on securing my scenario? (Or, indeed, if I need to turn my scenario on its head?)
Instead of grouping your objects by *type* you should group them by *permissions* such that traversing further into the hierarchy enforces increasingly strict permissions. Read the Zope Book chapter on security, come up with some roles that describe your different functional groups and configure your objects to only respond to the roles you want using them. http://zope.org/Documentation/Books/ZopeBook/2_6Edition/Security.stx HTH, Dylan