ooops... me for one! perhaps a post-build/install script in the distributions would be useful to ensure less experienced users don't get stung by this? g On 6 Jun 2001, at 15:25, Frank Tegtmeyer wrote: From: Frank Tegtmeyer <fte@lightwerk.com> To: zope@zope.org Subject: Re: [Zope] Major security flaw in Zope 2.3.2 Date sent: Wed, 6 Jun 2001 15:25:46 +0200
On Wed, Jun 06, 2001 at 02:43:48PM +0200, Jerome Alet wrote:
* make Data.fs and Data.fs.old only readable by a user every other user on the system can't run commands as.
Anyone out there who does *not* do that?
Regards, Frank
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
+-------------------------------------------+ Garry Steedman mailto:gs@styrax.com Styrax Associates http://www.styrax.com/ "The Good Man has no shape." +-------------------------------------------+