[Zope-dev] Zope 2.2.0 alpha 1 released...

Oleg Broytmann phd@phd.russ.ru
Tue, 16 May 2000 08:35:06 +0000 (GMT)


On Tue, 16 May 2000, Itamar Shtull-Trauring wrote:
> Brian Lloyd wrote:
> 
> > This release contains the new changes to the Zope security
> > model to protect against the server-side trojan issue:
> > 
> > http://www.zope.org/Members/jim/ZopeSecurity/ServerSideTrojan
> 
> Hmm.  Let's say an object is owned by user Joe.  I export the object and
> reimport it in a different Zope installation, where Joe doesn't exist.  Who
> owns the object?  nobody?

Those who do not understand Unix are condemned to reinvent it, poorly.
                                                      -- Henry Spencer

   :)))

   Zope is gonig more and more to unix-like security mechanisms (owner,
setuid, etc). In UNIX, if you untar an archive, who owns the files? You! In
Zope, the owner will be that person who did import. Just so simple.
(Actually, I knows nothing about Zope 2.2; but I know UNIX, so I made the
conclusion :)

Oleg.            (All opinions are mine and not of my employer)
---- 
    Oleg Broytmann      Foundation for Effective Policies      phd@phd.russ.ru
           Programmers don't die, they just GOSUB without RETURN.