[Grok-dev] Strange session / security problem with Grok 0.14

Ivo van der Wijk vladdrac at gmail.com
Sun Jan 11 10:07:18 EST 2009


2009/1/11 Ivo van der Wijk <vladdrac at gmail.com>:
> Hi,
>
> One of my apps recently got deployed in production and we're
> experiencing a strange security issue. It's asif people can randomly
> (unwillingly) take over each others session. There's no reliable/easy
> way to reproduce this so it's very hard to debug.
>

Small correction/update: We're using grok 0.13. The production site
where the error occurs is running behind apache with virtual hosting.
Locally I haven't been able to reproduce the problem (by accessing
zope directly on port 8080)

Regards

Ivo




-- 
Drs. I.R. van der Wijk / m3r Consultancy B.V.
Linux/Python/Zope/Plone and Open Source solutions
PO-box 51091, 1007 EB Amsterdam, The Netherlands
Email: ivo <at> m3r.nl Web: http://m3r.eu/


More information about the Grok-dev mailing list