[Zope-PTK] Security Bug in version 0.8.2-complete

Tres Seaver tseaver@digicool.com
Wed, 06 Sep 2000 19:23:22 -0400


Hendrik Naumann wrote:
> 
> Hi
> 
> I installed Zope-PTK from the file
> http://www.zope.org/Products/PTK/ZopePTK-0.8.2-complete.tar.gz
> on an Zope-2.2.0-linux2-x86 (SuSE 6.4) - System.
> 
> I created some Members and realized that those (on a restarted
> Browser) are able to access the portal-configuration and even change
> settings there.
> 
> If you need more infomations, please contact me.

We have a tracker issue on this:

  http://www.zope.org/Products/PTK/Tracker/82
  
Is that the same behavior you notice?  I haven't reproduced it.

Tres.
-- 
===============================================================
Tres Seaver                                tseaver@digicool.com
Digital Creations     "Zope Dealers"       http://www.zope.org