[Zope-dev] Re: zope nautilus cabal
andrea@debian.org
andrea@debian.org
Sat, 14 Apr 2001 18:17:26 +0200
On Fri, Apr 13, 2001 at 03:52:35PM -0400, Chris McDonough wrote:
> This isn't a bug, it's a feature. A bad one, likely, as there's no easy way
> to turn it off. ;-) I believe that if you turn off "Access Contents
> Information" permission for anonymous on the root folder, a WebDAV directory
> listing can't be retrieved. This, however, likely breaks lots of things
> that have nothing to do with WebDAV.
[cc: the debian maintainer of zope]
Mmm the bad thing is that the default installation of zope is
"vulnerable" (please note the ") to this type of feature. I'm
firewalling the port 9673, beacause turning off the "Access Contents
Informations" some web site stop to work.
Any kind of different workaround ?
Regards
a.f.
--
Andrea Fanfani
Era talmente intelligente che, datogli in mano un cubo di Rubik,
riusciva a mangiarlo in 15 secondi netti. (Anonimo)