16 May
2006
16 May
'06
12:58 p.m.
On 5/16/06, Cliff Ford <Cliff.Ford@ed.ac.uk> wrote:
So I still wonder if anyone who is ising the REMOTE_USER environment variable is aware of a problem and has a solution.
Environment-related variables should not be "hackable" from restricted code. Please file a report in de Zope Collector: http://www.zope.org/Collectors/Zope You'll need to log in (create a Zope.org account if you don't yet have one), and make sure you check the 'security related' tickbox. Thanks, -- Martijn Pieters