[Zope-dev] Server Side Trojan Issue really dead?

Chris Withers chrisw@nipltd.com
Mon, 07 Aug 2000 13:26:13 +0100


Steve Alexander wrote:
> When I write a product that allows users to edit executable content, I
> have an extra responsibility to collaborate with the new security model.

> As a general princliple, executable content should never be editable by
> users with lower permissions than the owner of the content. This is the
> same principle system administrators use on a Unix system to know never
> to have a root-owned file that is executable by root, and also writable
> by others.

I agree with this...

So, it's up to product authors to make sure their products don't do
silly things.
In ZWiki's case, this means that all ZWiki Pages should be created with
an Anonymous or 'nobody' owner.
Then, if a page needs to do things, it can be given a proxy role to
enable it to do so.

cheers,

Chris