[Zope] [announce] Local File System product

Evan Gibson egibson@connect.com.au
Tue, 26 Oct 1999 11:20:44 +1000


On Mon, Oct 25, 1999 at 06:12:12PM -0700, Jonothan Farr wrote:
> > Issues to address:
> >     security (not as much of a problem as with my read/write product)
> The only security issue I've addressed is that '..' is not allowed as a
> directory name, it will throw a ValueError. Also, of course the Zope server
> has to have permissions to access any files that it tries to read through
> LocalFS. If anyone can think of any others please let me know.

I was planning on writing a product like this myself (but of course didn't 
quite get past just thinking about it in my head! I have so many projects
like that!)
What I was planning on doing for security was having an "access" file in
the products directory that contained a list of directories and a list of
the files (allowing wildcards) that you were allowed to access in _that_
directory. It was going to default to only letting you read txt and log
files in the product directory itself (defined by .).
You could also add roles to this file.
Basically you would strip out any &;: and other weird characters from the 
directory name the product was trying to access and then, if it wasn't in
the list, don't bother looking any further. If it was, then check that they
are allowed to look at the file.

Basic reasoning is you do _not_ want people looking at any file they like
(like config files and password files), so if the access restrictions are
actually on your hard drive then if someone manages to crack your Zope
installation and get management permissions on it they still can't access
anything on your box unless they've cracked it independantly.


> -jfarr

-- 
  Evan ~ThunderFoot~ Gibson    ~ nihil mutatem, omni deletum ~
      May the machines watch over you with loving grace.