[Zope-Checkins] CVS: Zope/doc - CHANGES.txt:1.535.2.159
Tres Seaver
tseaver at zope.com
Thu Jan 8 15:54:18 EST 2004
Update of /cvs-repository/Zope/doc
In directory cvs.zope.org:/tmp/cvs-serv4625/doc
Modified Files:
Tag: Zope-2_6-branch
CHANGES.txt
Log Message:
- Some improper security assertions on DTMLDocument objects could
potentially allow access to members that should be protected.
=== Zope/doc/CHANGES.txt 1.535.2.158 => 1.535.2.159 ===
--- Zope/doc/CHANGES.txt:1.535.2.158 Thu Jan 8 15:47:21 2004
+++ Zope/doc/CHANGES.txt Thu Jan 8 15:53:47 2004
@@ -8,6 +8,16 @@
Bugs Fixed
+ - Some improper security assertions on DTMLDocument objects could
+ potentially allow access to members that should be protected.
+
+ - Class security was not properly intialized for PythonScripts,
+ potentially allowing access to variables that should be protected.
+ It turned out that most of the security assertions were in fact
+ activated as a side effect of other code, but this fix is still
+ appropriate to ensure that all security declarations are properly
+ applied.
+
- The dtml-tree tag used an "eval" of user-supplied data; its
efforts to prevent abuse were ineffective.
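Review bot: the new PythonScripts entry misspells "initialized" as "intialized" ("Class security was not properly intialized for PythonScripts"); since CHANGES.txt is user-facing release documentation, fix the spelling before this is tagged. The first added entry ("Some improper security assertions on DTMLDocument objects could potentially allow access to members that should be protected") would also serve readers better if it named which assertions or members were affected, as the neighbouring entries name the dtml-tree tag and PythonScripts.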
@@ -31,39 +41,34 @@
a script to potentially access those objects without ensuring the
necessary permissions on the part of the executing user.
- - Enforce new restrictions on untrusted code, identified during
- the December 2003 security audit:
-
- o Iteration over sequences could in some cases fail to check access
- to an object obtained from the sequence. Subsequent checks (such
- as for attributes access) of such an object would still be
- performed, but it should not have been possible to obtain the
- object in the first place.
-
- o List and dictionary instance methods such as the get method of
- dictionary objects were not security aware and could return an
- object without checking access to that object. Subsequent checks
- (such as for attributes access) of such an object would still be
- performed, but it should not have been possible to obtain the
- object in the first place.
-
- o Use of 'import as. in Python scripts could potentially rebind
- names in ways that could be used to avoid appropriate security
- checks.
-
- o A number of newer built-ins (min, max, enumerate, iter, sum)
- were either unavailable in untrusted code or did not perform
- adequate security checking.
-
- o Unpacking via function calls, variable assignment, exception
- variables and other contexts did not perform adequate security
- checks, potentially allowing access to objects that should have
- been protected.
-
- o DTMLMethods with proxy rights could incorrectly transfer those
- rights via acquisition when traversing to a parent object.
+ - Iteration over sequences could in some cases fail to check access
+ to an object obtained from the sequence. Subsequent checks (such
+ as for attributes access) of such an object would still be
+ performed, but it should not have been possible to obtain the
+ object in the first place.
+
+ - List and dictionary instance methods such as the get method of
+ dictionary objects were not security aware and could return an
+ object without checking access to that object. Subsequent checks
+ (such as for attributes access) of such an object would still be
+ performed, but it should not have been possible to obtain the
+ object in the first place.
+
+ - Use of 'import as. in Python scripts could potentially rebind
+ names in ways that could be used to avoid appropriate security
+ checks.
+
+ - A number of newer built-ins (min, max, enumerate, iter, sum)
+ were either unavailable in untrusted code or did not perform
+ adequate security checking.
+
+ - Unpacking via function calls, variable assignment, exception
+ variables and other contexts did not perform adequate security
+ checks, potentially allowing access to objects that should have
+ been protected.
- - PythonScript was missing its class initialization.
+ - DTMLMethods with proxy rights could incorrectly transfer those
+ rights via acquisition when traversing to a parent object.
- Backport Python 2.3 test fix to
lib/python/Products/PluginIndexes/DateIndex: deal with the fact
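Review bot: the "Use of 'import as. in Python scripts" line is carried over verbatim with its mismatched quote, so the typo survives the restructuring; re-indenting these items is the moment to close it as 'import as'. Promoting the six sub-items to top-level entries also drops the lead sentence "Enforce new restrictions on untrusted code, identified during the December 2003 security audit", so readers of CHANGES.txt lose the context that these items came from one audit; consider keeping that sentence as a preface to the promoted entries.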