[Zope-dev] Re: names starting with '@' are not reserved
Tres Seaver
tseaver at palladion.com
Wed Mar 15 19:45:34 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dieter Maurer wrote:
> yuppie wrote at 2006-3-15 11:23 +0100:
>
>>...
>>Zope 2's checkValidId makes sure this doesn't happen with Zope 2 folder
>>methods, Zope 3's NameChooser makes sure this doesn't happen with Zope 3
>>folder views. Even the bad_id-patch described above doesn't allow to
>>override folder methods.
>
>
> Maybe, the "checkValidId" should refuse to add an object with
> an id that hides a view declared for this folder and not
> reject any id that might (potentially) hide a view because
> it starts with "@" or "+"...
>
> This would prevent the security concerns you seem to have
> and allows for most ids to be accepted...
Such objects would still suffer from potential future namespace clashes
with views not yet declared, or even not yet appropriate to the object
in its current state (e.g, should it acquire a new marker interface, its
set of views would be larger).
I would think that the reasonable thing to do here is to make the "id
validation" policy pluggable (e.g., via an adapter), so that users with
different needs can supply appropriate policies. The question then
becomes which policy should be the default. Given that such IDs are
only recently possible in Zope, I would say using a more restrictive
policy by default would be sensible.
Tres.
- --
===================================================================
Tres Seaver +1 202-558-7113 tseaver at palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFEGLUt+gerLs4ltQ4RAiHvAJ9MYRbR7xARubp/yX6W22tABURpxwCff4Ls
/Ru0OVluMzODwSge3eAhf7U=
=f/Iz
-----END PGP SIGNATURE-----
More information about the Zope-Dev
mailing list