[Zope] security risk in "many authors" situation

Ron Bickers rbickers@logicetc.com
Sun, 6 May 2001 13:55:24 -0400


----- Original Message ----- 
From: "Kyler B. Laird" <laird@ecn.purdue.edu>
To: "Joel Burton" <joel@scw.org>
Cc: <zope@zope.org>
Sent: Sunday, May 06, 2001 10:59 AM
Subject: Re: [Zope] security risk in "many authors" situation 


> 
> On Sun, 6 May 2001 10:44:24 -0400 (EDT) you wrote:
> 
> >IIRC, this is *not* the case at all --
> 
> Ah!  I love being wrong about such things.

This was a problem in Zope prior to 2.2.

See http://www.zope.org//Members/jim/ZopeSecurity/ServerSideTrojan

_____________________
Ron Bickers
Logic Etc, Inc.
rbickers@logicetc.com