[ZDP] BackTalk to Document The Zope Book (2.5 Edition)/Users and Security
webmaster@zope.org
webmaster@zope.org
Fri, 04 Oct 2002 12:21:06 -0400
A comment to the paragraph below was recently added via http://www.zope.org/Documentation/Books/ZopeBook/current/Security.stx#4-25
---------------
The emergency user is only really useful for two things:
fixing messed up permissions, and creating manager
accounts. As we saw in Chapter 2, "Using Zope" you can log in
as the emergency user to create a manager account when none
exist. After you create a manager account you should log out
as the emergency user and log back in as the manager.
% shawnharrison - Oct. 4, 2002 1:15 am:
I guess I don't understand "emergency user." What prevents Joe Anonymous user from creating a Joe A.
Emergency user for himself, with which he makes a Joe A. E. Manager user for himself to hack the system?
% Anonymous User - Oct. 4, 2002 12:21 pm:
The emergency user can only be defined by someone with access to the filesystem where the Zope software
lives. It cannot be defined "through the web".