I've been using the REQUEST.OTHER namespace for this purpose. Is that safe to do? -jim -----Original Message----- From: Dario Lopez-Kästen [mailto:dario@ita.chalmers.se] Sent: Friday, October 24, 2003 12:20 PM Cc: zope@zope.org Subject: Re: AUTHENTICATED_USER is not reliable! [Was: [Zope] become user(su inside Zope) - pretend to be another user] Jens Vagelpohl wrote:
Why is everybody so obsessed with AUTHENTICATED_USER? This variable is not suitable for anything deserving the name "security". It is NOT SAFE to assume that it will contain anything useful.
Amen to that.
jens
Right, when can we consider REQUEST to be fairly safe? I.e. I know that it cab be manuoulated by any kind of script during the lifetime of a request, and aslo be populated from the URL. I consider manipulation from scripts acceptable behaviour, from the URL not. What I am actually trying to say is the following: I need a secure namespace available, a` la REQUEST, during the lifetime of a request - lets call it SAFE_REQUEST, that cannot be manipulated from the URL. Preferrably RAM-bound. Any ideas on how to achieve that (other than reading source, which I allready have begun to). Thanks, /dario -- -- ------------------------------------------------------------------- Dario Lopez-Ka"sten, IT Systems & Services Chalmers University of Tech. _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )