-----Original Message----- From: zope-bounces@zope.org [mailto:zope-bounces@zope.org]On Behalf Of J. Cameron Cooper Sent: 20. november 2003 00:10 To: Sune Brøndum Wøller Cc: zope@zope.org Subject: Re: [Zope] acquisition and security
Sune Brøndum Wøller wrote:
Sorry, but this is the most silly thing I have seen so far! (And a bit annoying.....) That a folder acquires its sibling folders' complete tree. I have several CMF sites in the root of a Zope instance, which is hosted not by myself. I can actually write for instance www.dom1.com/dom2siterootfolder/dom2content and get content from site dom2.com shown in dom1.com
No other way to stop aq. from its megalomania?
(It's not a security issue, since the stuff has to be public, but it's silly, and dangerous, inviting stupid things to happen.)
Acquisition is fundamental to Zope, and this is just the way things work. And one of the features of this is that it doesn't insulate between VHM sites. It may be a misfeature, but it is performing as designed.
Someone sufficiently clever and knowledgeable (or sufficiently motivated) about the acquisition machinery could probably figure out a way around this. It should be easy to create a folder that does not acquire higher than itself. And probably in all of 20 lines of filesystem code, including boilerplate. Arranging things such that only acquisition to folders mapped in a VHM is stopped, and doing it all in the VHM (so generality of mapping targets is preserved) would pose a larger problem. Still doable, I think, but I'm not about to go doing it for fun (it doesn't really bother me that much.)
Don't get me wrong, acquisition *is* quite clever, but as a beginner I get a bit frustrated sometimes with Zope, all those unexpected side effects. Generally speaking I would prefer to have a greater amount of control over which URLs are valid and which return a 404. To follow your suggestion: I would have to look into making a folder with explicit rather than implicit acquisition, by inheriting Acquisition.Explicit (?)
/sune
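The behaviour the thread is arguing about, as an added illustration that is not part of the original mail exchange and not Zope's own Acquisition package: a small pure-Python stand-in for implicit acquisition during URL traversal. It shows why a request for www.dom1.com/dom2siterootfolder/... resolves to the sibling site's content, and what changes when the site root is a "folder that does not acquire higher than itself" as suggested in the reply. The folder names (dom1, dom2, about, news, sub), the `Folder`, `traverse`, `physical_path` and `build_instance` helpers and the two-site layout are all constructed for this example.

```python
"""Toy model of Zope-style implicit acquisition during URL traversal.

This is an added illustration, not the real Zope Acquisition machinery
(which is an ExtensionClass wrapper type). It only reproduces the one
rule that matters here: a name not found in a folder is looked up in the
folder's parent, then the grandparent, and so on up to the Zope root.
"""


class Folder:
    """Container whose name lookup falls through to its parent chain.

    acquire=True  models Acquisition.Implicit, the default for Zope folders.
    acquire=False models a boundary folder that stops the walk at itself,
                  roughly what a site root based on Acquisition.Explicit
                  would do for traversal (hypothetical, for illustration).
    """

    def __init__(self, name, acquire=True):
        self.name = name
        self.parent = None
        self.children = {}
        self.acquire = acquire

    def add(self, child):
        child.parent = self
        self.children[child.name] = child
        return child

    def lookup(self, name):
        """One traversal step: own children first, then acquire upward."""
        node = self
        while node is not None:
            if name in node.children:
                return node.children[name]
            if not node.acquire:
                return None  # boundary: refuse to acquire from above
            node = node.parent
        return None


def physical_path(obj):
    """Where the object really lives, regardless of the URL that reached it."""
    parts = []
    while obj.parent is not None:
        parts.append(obj.name)
        obj = obj.parent
    return "/" + "/".join(reversed(parts))


def traverse(start, path):
    """Resolve a URL path segment by segment from `start`.

    Returns the object, or None where Zope would answer 404.
    """
    node = start
    for segment in path.split("/"):
        if not segment:
            continue
        node = node.lookup(segment)
        if node is None:
            return None
    return node


def build_instance(site_acquires=True):
    """Constructed sample layout: two CMF-style sites side by side under root."""
    root = Folder("root")
    dom1 = root.add(Folder("dom1", acquire=site_acquires))
    dom2 = root.add(Folder("dom2", acquire=site_acquires))
    dom1.add(Folder("about"))
    dom1.add(Folder("sub"))      # empty subfolder; acquires from dom1
    dom2.add(Folder("news"))
    return root


def demo():
    """Return (sibling_site_leaks_with_implicit, sibling_site_leaks_with_boundary)."""
    implicit = build_instance(site_acquires=True)
    fenced = build_instance(site_acquires=False)
    # A VHM maps www.dom1.com onto /dom1, so a request for
    # http://www.dom1.com/dom2/news is traversed starting at the dom1 folder.
    leak = traverse(implicit.lookup("dom1"), "dom2/news")
    blocked = traverse(fenced.lookup("dom1"), "dom2/news")
    return (leak is not None and physical_path(leak) == "/dom2/news",
            blocked is not None)


if __name__ == "__main__":
    print(demo())  # (True, False)
```

Note the caveat the reply hints at: a site root that refuses everything from above also stops legitimate acquisition from the Zope root (a root-level acl_users or standard_error_message, for instance), while acquisition inside the site, such as `sub` finding `about` through dom1, still works. Blocking only traversal into sibling VHM-mapped sites, rather than all upward lookup, is the harder but more useful variant.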