18 Jul
1999
18 Jul
'99
9:13 p.m.
In article <lswvvxkauu.fsf@aldous.digicool.com>, michel@digicool.com writes
Robin Becker <robin@jessikat.demon.co.uk> writes:
...
XML-RPC worms (now THAT would be cool!). The last thing we want to see is a back orifice for Zope, which is exactly what I think could be developed if we ever provided a hole through Zope's security machinery.
-Michel in which case why allow any external methods since these allow exactly the things you wish to forbid.
Sitting at a terminal I can create a hole this hole which is propagated via Zope. What is the difference if the hole is programmed via Zope. Should I have less faith in the passwd system than I do in the security features of Zope? -- Robin Becker