[Zope] security hole
george donnelly
list@zettai.net
Fri, 28 Mar 2003 10:39:19 -0500
[Max M wrote (maxm@mxm.dk) on 3/28/03 4:45 AM]
>> accessing a zope site with nautilus can show you the whole structure:
>> folders,
>> methods and documents. On some sites you see the source of index_html. I
>> didn't figure out, what makes the difference.
>>
>
> Are you shure that you are not logged in to the site? If you are, it is
> not a security hole, but perhaps a bug in Nautilus with regards to
> WebDav. Which sounds more likely.
if you have the default setup then this is not a bug in the WebDAV client.
You need to remove anonymous WebDAV access in the root Security tab.
<-->
george donnelly - http://www.zettai.net/ - "We Love Newbies" :)
Zope Hosting - Dynamic Website Design - Search Engine Promotion
Yahoo, AIM: zettainet - MSN: zettainet@hotmail.com - ICQ: 51907738