[Zope-dev] Superuser ownership (was "Adding LoginManager at the root")
Phillip J. Eby
pje@telecommunity.com
Tue, 16 May 2000 11:58:19 -0500
At 11:25 AM 5/16/00 -0400, Tres Seaver wrote:
>
>Hmm, LoginManager might be able to exploit the "revert to unowned"
>behavior of objects belonging to former users:
>
> * Create a temporary user temporarily;
>
> * Assign it to REQUEST.AUTHENTICATED_USER;
>
> * Construct the DTML Methods;
>
> * Delete the user.
>
>Oops, nope, this still won't work, because then the superuser won't be
>able to call those DTML Methods to add users (I think). Maybe leaving
>the "cruft" user in place is sensible, except that (for instance) it
>presents the same kind of problem as the recent piranha mess (default
>passwords). We could pass in the id and password of the new manager
>in the constructor form, I guess.
>
Maybe I'm missing something, but couldn't all this be solved by having
objects created by the superuser always be owned by "nobody" with respect
to ownership (not owner-role)? Wouldn't that fix this entire issue (and
many others we probably haven't thought of yet)?
(Please move follow-ups to zope-dev)