[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.535.2.152
Tres Seaver
tseaver at zope.com
Thu Jan 8 15:12:37 EST 2004
Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv29583/doc
Modified Files:
Tag: Zope-2_6-branch
CHANGES.txt
Log Message:
- Enforce new restrictions on untrusted code, identified during
the December 2003 security audit. These issues affect sites
that allow untrusted users to write Python Scripts, Page Templates,
and DTML:
o Iteration over sequences could in some cases fail to check access
to an object obtained from the sequence. Subsequent checks (such
as for attributes access) of such an object would still be
performed, but it should not have been possible to obtain the
object in the first place.
o List and dictionary instance methods such as the get method of
dictionary objects were not security aware and could return an
object without checking access to that object. Subsequent checks
(such as for attributes access) of such an object would still be
performed, but it should not have been possible to obtain the
object in the first place.
o Use of 'import as. in Python scripts could potentially rebind
names in ways that could be used to avoid appropriate security
checks.
o A number of newer built-ins (min, max, enumerate, iter, sum)
were either unavailable in untrusted code or did not perform
adequate security checking.
o Unpacking via function calls, variable assignment, exception
variables and other contexts did not perform adequate security
checks, potentially allowing access to objects that should have
been protected.
o DTMLMethods with proxy rights could incorrectly transfer those
rights via acquisition when traversing to a parent object.
=== Zope/doc/CHANGES.txt 1.535.2.151 => 1.535.2.152 ===
--- Zope/doc/CHANGES.txt:1.535.2.151 Fri Dec 19 12:25:58 2003
+++ Zope/doc/CHANGES.txt Thu Jan 8 15:12:06 2004
@@ -4,9 +4,41 @@
Change information for previous versions of Zope can be found in the
file HISTORY.txt.
- After Zope 2.6.2 Final
+ Zope 2.6.3 final
Bugs Fixed
+
+ - Enforce new restrictions on untrusted code, identified during
+ the December 2003 security audit:
+
+ o Iteration over sequences could in some cases fail to check access
+ to an object obtained from the sequence. Subsequent checks (such
+ as for attributes access) of such an object would still be
+ performed, but it should not have been possible to obtain the
+ object in the first place.
+
+ o List and dictionary instance methods such as the get method of
+ dictionary objects were not security aware and could return an
+ object without checking access to that object. Subsequent checks
+ (such as for attributes access) of such an object would still be
+ performed, but it should not have been possible to obtain the
+ object in the first place.
+
+ o Use of 'import as. in Python scripts could potentially rebind
+ names in ways that could be used to avoid appropriate security
+ checks.
+
+ o A number of newer built-ins (min, max, enumerate, iter, sum)
+ were either unavailable in untrusted code or did not perform
+ adequate security checking.
+
+ o Unpacking via function calls, variable assignment, exception
+ variables and other contexts did not perform adequate security
+ checks, potentially allowing access to objects that should have
+ been protected.
+
+ o DTMLMethods with proxy rights could incorrectly transfer those
+ rights via acquisition when traversing to a parent object.
- Backport Python 2.3 test fix to
lib/python/Products/PluginIndexes/DateIndex: deal with the fact
More information about the Zope-Checkins
mailing list