[Zope] XXX-PythonMethods caveats?

Evan Simpson evan@4-am.com
Tue, 14 Mar 2000 21:55:46 -0500


----- Original Message -----
From: "Tony McDonald" <tony.mcdonald@ncl.ac.uk>
[Unmistakable fierce-as-I-could-make-it warning omitted]
>
> Of course, I then set
> do_XXX=1   :)

Noooo!! <crash><snarl><rip> Aeeii!!! <rattle>

> I only ever run my Zope servers under a non-priviledged account.
>
> Can anyone explain what sort of leopards I should look out for, as I
> can see that I'd want to use XXX-PythonMethods for a lot more things.

Think of it this way: under normal circumstances if someone hostile got full
access to your Zope management interface, through a bug or password sniffing
perhaps, your Data.fs would be toast.  That's what backups are for, of
course.  Put XXXPythonMethods in the picture and your entire Zope
installation, any filesystem areas writable by the Zope-process user, and
any services accessible to that user are subject to abuse.  Some of this can
also be handled by backups, but subtle subversion over a period long enough
to render backups worthless is a much greater possibility.

You might end up as a CPU server for arbitrary Python programs.  You might
not.  LOOK OUT, IT'S BEHIND Y..<glurk>

> ps the icon for the XXX-PythonMethod object is way cool! :)

They had to have *something* positive going for them :-)

Cheers,

Evan @ 4-am & digicool