[Zope] security
barry haycock
bhaycock@hotmail.com
Fri, 15 Jun 2001 06:26:50 -0000
<html><DIV>Can anyone help me with this security issue regarding ZOPE</DIV>
<DIV> </DIV>
<DIV>If you go to <A href="http://www.yoursite.com/manage_workspace">www.yoursite.com/manage_workspace</A></DIV>
<DIV> </DIV>
<DIV>you can access the manage screens of zope</DIV>
<DIV> </DIV>
<DIV>THIS IS NOT GOOD</DIV>
<DIV> </DIV>
<DIV>how can you overcome this</DIV>
<DIV> </DIV>
<DIV>I am using solaris v8 with apache as the web server talking to another solaris box with zope 2-3-0</DIV>
<DIV> </DIV>
<DIV>I have just found a way to edit the source code so that it emails me with the user name and password whenever the next person logs in. I can also edit any source code within the site.</DIV>
<DIV> </DIV>
<DIV>REQUIRE QUICK RESPONSE</DIV><br clear=all><hr>Get Your Private, Free E-mail from MSN Hotmail at <a href="http://www.hotmail.com">http://www.hotmail.com</a>.<br></p></html>