Hi, Chris McDonough wrote:
On Tue, 5 Sep 2000, Evan Simpson wrote:
I've got to say I agree with you here. I'm still not 100% sure why the superuser or bootstrap user can't own anything.
It's due to a combination of the trojan horse issue and the sticky authentication issue, I think. You really don't want to be authenticated as super very often, because while you are, if you visit a page someone else wrote, they can make your browser do evil things to your site. This is also true of Managers, but less so. Similarly, a page owned by non-super has tighter permissions than one owned by the super would.
Yes... the PDG security chapter has all of this in it, but it would seem that neither Chris W or I are completely satisfied by these answers. :-) It seems a matter of diminishing returns, especially when newbies hit the wall during install, since we haven't provided them with an airbag yet.
Uhm. In the changes.txt there is mentioned that something had to be changed for tighter security. "The superuser can not own" is the same thing like not working with root privilegues on any unix system or log in as such. May be one should write it in <H1> all over the page where the download of zope is ;-) That may be the confusing part: one has to read while working with mostly text based applications ;-) Ok, the switching of user context is a bit painful with current authentication. One has to close all instances of the browser and reopen to log in as new user. May be the log-out-trick with the forced "unauthorized" response could help. Sometimes it is better to force people to think about security instead of having them complain after a break in about a faulty product. just my 0.02 penny ;-) Regards Tino