-----Original Message----- From: zope-bounces@zope.org [mailto:zope-bounces@zope.org]On Behalf Of Dylan Reinhardt Sent: 19. november 2003 04:35 To: Jamie Heilman Cc: Zope Users Subject: Re: [Zope] acquisition and security
On Tue, 2003-11-18 at 18:41, Jamie Heilman wrote:
Paul Howell wrote:
I have several sites running next to each other, each in its own folder,
The easy answer is, "don't do that." If you want data integrity between virtualhosts, don't store them in the same zope instances.
That is the best available answer I'm aware of if security matters and you're hosting multiple sites with anonymous access.
But if it doesn't have to be really tight and you prefer the simplicity of VHM mappings, a trick you could use is to salt each virtual root with error-returning methods that have the same name as your other roots.
site_roots/ foo/ boo moo boo/ foo moo moo/ foo boo
This isn't bulletproof or anything, but it may be good enough to prevent accidents and discourage experimentation. Appropriateness depends on your requirements.
HTH,
Dylan
Hi all, sorry, but this is the most silly thing i have seen so far ! (and a bit annoying.....) That a folder aquires its sibling folders complete tree. I have several cmf-sites in the root of a zope-instance, which is hosted not by myself. I can actually write for instance www.dom1.com/dom2siterootfolder/dom2content and get content from site dom2.com shown in dom1.com No other way to stop aq. from its megalomania ? (its not a security issue, since the stuff has to be public, but its silly, and dangerous, inviting stupid things to happen.) greetings, Sune