[Zope-dev] Zope 4 publisher/traversal, sprint topic
yuppie
y.2011 at wcm-solutions.de
Fri Oct 28 07:46:09 UTC 2011
Hi!
Leonardo Rochael Almeida wrote:
> After the last two rather serious security issues that were recently
> patched in the Zope2 code base, it is increasingly clear to me that,
> differently than what Hanno reported some time ago, it's not so much
> the ZMI that represents a huge security liability in the Zope
> codebase, but it's actually the way the current publisher happily
> traverses any attribute and publishes any method with docstring by
> default.
Is that the fault of the publisher? AFAICT the biggest security problem
of Zope2 is this line in OFS.SimpleItem.Item:
# Allow (reluctantly) access to unprotected attributes
__allow_access_to_unprotected_subobjects__=1
I'm not familiar with the details of the first hotfix, but the second
one wouldn't have been necessary without that line.
I propose to remove that line in Zope 4 and to add explicit security
declarations wherever needed. The first part is easy, the second part
a lot of work for many people.
Cheers,
Yuppie
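To make the point of the post concrete, here is an added example (not from the post or from the Zope code base) that models, in a simplified way, how Zope 2's AccessControl decides whether a role may reach an attribute: a declared attribute carries a `<name>__roles__` marker (what ClassSecurityInfo.declareProtected arranges), and an attribute without one is "unprotected", so the decision falls back to the container's __allow_access_to_unprotected_subobjects__ setting. The tuple-of-role-names form of the marker and the class names are assumptions of this example.

```python
# Added example, not part of the mailing-list thread or of AccessControl itself:
# a simplified model of the attribute-access decision discussed in the post.
# Assumption: a protected attribute "name" carries a "name__roles__" tuple of
# allowed roles; an attribute with no marker is unprotected, and access then
# depends on the container's __allow_access_to_unprotected_subobjects__ value
# (1 = allow, 0 or absent = deny, dict = per-attribute-name lookup).
ANONYMOUS = ("Anonymous",)
MANAGER = ("Manager",)


def declared_roles(container, name):
    """Return the roles declared for attribute `name`, or None if unprotected."""
    return getattr(type(container), name + "__roles__", None)


def may_access(container, name, user_roles):
    """Decide whether a user holding `user_roles` may read `name` on `container`."""
    roles = declared_roles(container, name)
    if roles is not None:
        # An explicit declaration wins regardless of the container-wide flag.
        return any(role in roles for role in user_roles)
    policy = getattr(container, "__allow_access_to_unprotected_subobjects__", 0)
    if isinstance(policy, dict):
        return bool(policy.get(name, 0))
    return bool(policy)


class ReluctantItem:
    """Mirrors the OFS.SimpleItem.Item default the post objects to."""
    __allow_access_to_unprotected_subobjects__ = 1
    title = "public title"
    secret = "constructed sample: something that was never meant to be published"


class DeclaredItem:
    """The proposed Zope 4 shape: flag removed, every attribute declared."""
    title__roles__ = ("Anonymous", "Manager")
    secret__roles__ = ("Manager",)
    title = "public title"
    secret = "constructed sample: something that was never meant to be published"


class UndeclaredItem:
    """Flag removed but declarations forgotten: access is denied, not leaked."""
    title = "public title"
    secret = "constructed sample: something that was never meant to be published"


def demo():
    """Return (reluctant_leak, declared_anonymous, declared_manager, undeclared)."""
    return (may_access(ReluctantItem(), "secret", ANONYMOUS),
            may_access(DeclaredItem(), "secret", ANONYMOUS),
            may_access(DeclaredItem(), "secret", MANAGER),
            may_access(UndeclaredItem(), "secret", ANONYMOUS))
```

With the reluctant default the unprotected `secret` is reachable by Anonymous; once the flag is gone, a forgotten declaration fails closed, which is the trade-off the post calls "a lot of work for many people".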