[Zope-CMF] CookieCrumbler security issue?
Chris Withers
chris at simplistix.co.uk
Thu Jan 22 05:28:54 EST 2004
Lennart Regebro wrote:
> I decided to store the mappings between the token (which is just a
> number) and the password in a TemporaryFolder. I don't know if that
> makes sense. Maybe it's stupid, I don't know.
I think I'd be tempted to do it in an IOBTree in a global.
That said, the TemporaryFolder solution might work well for multiple ZEO
clients. If you replaced the TemporaryFolder with a mounted storage it could work...
What to people think about that?
cheers,
Chris
More information about the Zope-CMF
mailing list