small summary and big plea was:(Re: [Zope-dev] Versions: should
they die?)
Shane Hathaway
shane@zope.com
Fri, 06 Jun 2003 10:04:08 -0400
Casey Duncan wrote:
> The security implications do not seem dire enough to me to warrent trying to
> squeeze this into 2.6.x. If you do not use versions then none of the
> implications apply. Perhaps it might be possible to do additional security
> checks to make entering versions more protected. This might be an appropriate
> change for 2.6.
My opinion on this is a little different. It's quite easy for anyone to
make mischief on any Zope server that lets people make even minor
changes to the site, such as giving feedback, posting a discussion item,
etc. All you have to do is include a Zope-Version cookie in the request
and your changes will place a lock on any objects that the request
touches. Zope doesn't even check the validity of the Zope-Version
cookie. Anyone who is not a ZODB expert would have a hard time bringing
the site back to sanity.
I think 2.6 ought to fix this by disabling recognition of the
Zope-Version cookie and disabling the creation of Version objects, with
an option to re-enable.
Shane