[Zope-CMF] Manager Proxy Role ineffective for deleting/moving
objects
George Lee
georgeleejr at gmail.com
Sat Nov 19 09:28:07 EST 2005
I forget if I submitted a collector issue about this before, but I
didn't see it. I just posted one at
<http://www.zope.org/Collectors/CMF/396>:
Title: PortalFolder.py _verifyObjectPaste ignores executable security
Version info: CMF 1.5.4 but also in trunk
_verifyObjectPaste calls "sm.checkPermission(permission_name,self)"
rather than "_checkPermission(permission_name,self)"
This makes it ignore executable security. So, if _verifyObjectPaste is
in an external method or in a script with sufficient proxy roles, it
raises an Unauthorized error for users when the external method /
proxy role security should suffice.
Peace,
George
[originally posted this on the zope list yesterday but then discovered
this list also]
On 9/9/05, Dieter Maurer <dieter at handshake.de> wrote:
> George Lee wrote at 2005-9-8 23:57 -0400:
> > ...
> >Is it okay to just replace sm.checkPermission with _checkPermission
> >from CMFCore.utils or is that not okay?
>
> Yes. But, please file a bug report as well.
>
> >Also Dieter I noticed that Alan Runyan and you briefly discussed this
> >issue back in 2002:
> >http://mail.zope.org/pipermail/zope-cmf/2002-September/015350.html
>
> Any internal use should always take executable security (i.e.
> executable ownership and proxy roles) into account.
> Not doing so is a but, as things expected to be possible are not
> and (maybe even worse) things expected to be impossible may
> be possible.
>
> There may be a need for application code to check the permissions
> of the user with proxy roles not taken into account.
>
> E.g. a script that must use a "Manager" roles to do one
> thing but does not want to do another unless the current
> user has specific permissions.
>
> For this case, there also should be a method checking
> permissions with proxy roles not taken into account.
>
> --
> Dieter
>
More information about the Zope-CMF
mailing list