[Zope] Major security flaw in Zope 2.3.2
Garry Steedman
gs@styrax.com
Wed, 6 Jun 2001 15:37:01 +0000
ooops... me for one!
perhaps a post-build/install script in the distributions would be
useful to ensure less experienced users don't get stung by this?
g
On 6 Jun 2001, at 15:25, Frank Tegtmeyer wrote:
From: Frank Tegtmeyer <fte@lightwerk.com>
To: zope@zope.org
Subject: Re: [Zope] Major security flaw in Zope 2.3.2
Date sent: Wed, 6 Jun 2001 15:25:46 +0200
> On Wed, Jun 06, 2001 at 02:43:48PM +0200, Jerome Alet wrote:
> > * make Data.fs and Data.fs.old only readable by a user every
> > other user on the system can't run commands as.
>
> Anyone out there who does *not* do that?
>
> Regards, Frank
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )
+-------------------------------------------+
Garry Steedman mailto:gs@styrax.com
Styrax Associates http://www.styrax.com/
"The Good Man has no shape."
+-------------------------------------------+