[Zope] Security Problem

Dylan Reinhardt zope@dylanreinhardt.com
30 Mar 2003 09:31:11 -0800


On Sat, 2003-03-29 at 16:40, James Davies wrote:
> Having multiple role seems like a huge overkill. When you get down to it, the 
> users are defined in acl_users, a regular object. If you stripped the 
> aquisition wrapper and placed acl_users in the context of the actual 
> container, you would bypass all those problems as the acl_users would only be 
> effective in siblings and their child nodes, which is the expected behavour. 
> 

Yes... that will do the trick in many situations, though it has its own
significant shortcomings.  I use a lot of shared stuff between virtual
hosts so it doesn't work for me to choke off privileged upward
acquisition.  

Partitioning roles may only be relevant for certain configurations or it
may just be a paranoia layer.  I suspect that answering that question
will require a great deal more time and effort than I'm currently able
to put to the task.  Then again, the OP *appears* to have supplied us
with an example of where it's necessary.  Difficult to say for sure.

In any event you should, of course, use the configuration that is
best-suited for your particular requirements.

Dylan