[Zope] acquisition and security

Sune Brøndum Wøller sune at syntetisk.dk
Wed Nov 19 19:24:09 EST 2003



> -----Original Message-----
> From: zope-bounces at zope.org [mailto:zope-bounces at zope.org]On Behalf Of
> J. Cameron Cooper
> Sent: 20. november 2003 00:10
> To: Sune Brøndum Wøller
> Cc: zope at zope.org
> Subject: Re: [Zope] acquisition and security
>
>
> Sune Brøndum Wøller wrote:
>
> >sorry, but this is the most silly thing I have seen so far !
> >(and a bit annoying.....)
> >That a folder acquires its sibling folders' complete tree.
> >I have several cmf-sites in the root of a zope-instance, which is
> >hosted not by myself. I can actually write for instance
> >www.dom1.com/dom2siterootfolder/dom2content and get content from
> >site dom2.com shown in dom1.com
> >
> >No other way to stop aq. from its megalomania ?
> >
> >(it's not a security issue, since the stuff has to be public, but
> >it's silly, and dangerous, inviting stupid things to happen.)
> >
> >
> Acquisition is fundamental to Zope, and this is just the way things
> work. And one of the features of this is that it doesn't insulate
> between VHM sites. It may be a misfeature, but it is performing
> as designed.
>
> Someone sufficiently clever and knowledgeable (or sufficiently motivated)
> about the acquisition machinery could probably figure out a way around
> this. It should be easy to create a folder that does not acquire higher
> than itself. And probably in all of 20 lines of filesystem code,
> including boilerplate. Arranging things such that only acquisition to
> folders mapped in a VHM is stopped, and doing it all in the VHM (so
> generality of mapping targets is preserved) would pose a larger problem.
> Still doable, I think, but I'm not about to go doing it for fun (it
> doesn't really bother me that much.)
>

Don't get me wrong, acquisition *is* quite clever, but as a beginner
I get a bit frustrated sometimes with zope, all those
unexpected side effects.
Generally speaking I would prefer to have a greater amount of control over
which URLs are valid and which return a 404.

To follow your suggestion: I would have to look into making a folder
with explicit rather than implicit acquisition, by inheriting
Acquisition.Explicit (?)

/sune
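The behaviour argued over above (a site folder resolving a sibling site's name by walking up to the instance root, so that /dom1siteroot/dom2siterootfolder/dom2content serves dom2's content under dom1's hostname) and the fix Cameron sketches (a folder that does not acquire higher than itself) can be shown with a small model. The code below is an added illustration, not code from the thread, from Zope, or from the Acquisition package: it only mimics the name-resolution rule of implicit acquisition during URL traversal. The folder names (dom1siteroot, dom2siterootfolder, shared_template and so on) are constructed for the example. It makes no claim about what subclassing Acquisition.Explicit alone does to the children of such a folder; it shows the effect of stopping the acquisition walk at the site root, whichever way that is implemented.

```python
# Simplified model of Zope's implicit acquisition during URL traversal.
# Added example: does NOT use the real Acquisition package or ZPublisher,
# it only reproduces the lookup rule the thread complains about.
from __future__ import annotations

from typing import Optional


class Folder:
    """Container that, like an Acquisition.Implicit object, resolves a name
    it does not hold by asking each ancestor in turn (the acquisition chain)."""

    acquires = True  # implicit acquisition is the default

    def __init__(self, name: str) -> None:
        self.name = name
        self.parent: Optional[Folder] = None
        self.children: dict[str, Folder] = {}

    def add(self, child: Folder) -> Folder:
        child.parent = self
        self.children[child.name] = child
        return child

    def path(self) -> str:
        """Containment path, i.e. where the object really lives."""
        parts: list[str] = []
        node: Optional[Folder] = self
        while node is not None:
            parts.append(node.name)
            node = node.parent
        return "/".join(reversed(parts))

    def lookup(self, name: str) -> Optional[Folder]:
        """Resolve one URL segment: first this object's own children, then,
        while acquisition is allowed, each ancestor's children."""
        node: Optional[Folder] = self
        while node is not None:
            if name in node.children:
                return node.children[name]
            if not node.acquires:
                break  # this folder refuses to acquire from above itself
            node = node.parent
        return None


class NonAcquiringFolder(Folder):
    """Folder that stops the acquisition walk at itself: the 'folder that does
    not acquire higher than itself' from the reply above. Because the walk
    passes through it, its whole subtree is insulated from siblings too."""

    acquires = False


def traverse(root: Folder, url_path: str) -> Optional[Folder]:
    """Walk a URL path segment by segment; None plays the role of a 404."""
    node: Optional[Folder] = root
    for segment in url_path.strip("/").split("/"):
        if node is None:
            return None
        node = node.lookup(segment)
    return node


def build_instance(site_folder_cls: type = Folder) -> Folder:
    """Constructed Zope instance root holding two CMF site roots plus a
    shared object that both sites legitimately want to acquire."""
    root = Folder("root")
    root.add(Folder("shared_template"))
    dom1 = root.add(site_folder_cls("dom1siteroot"))
    dom1.add(Folder("dom1content"))
    dom2 = root.add(site_folder_cls("dom2siterootfolder"))
    dom2.add(Folder("dom2content"))
    return root


if __name__ == "__main__":
    cross = "/dom1siteroot/dom2siterootfolder/dom2content"
    for label, cls in (("implicit", Folder), ("non-acquiring", NonAcquiringFolder)):
        inst = build_instance(cls)
        hit = traverse(inst, cross)
        print(f"{label:14s} {cross} -> {hit.path() if hit else '404'}")
        tmpl = traverse(inst, "/dom1siteroot/shared_template")
        print(f"{label:14s} /dom1siteroot/shared_template -> {tmpl.path() if tmpl else '404'}")
```

With plain Folder site roots the cross-site URL resolves to root/dom2siterootfolder/dom2content, which is exactly the "megalomania" in the first message. With NonAcquiringFolder site roots it returns the 404 the follow-up asks for, but note the cost shown by the second line of output: the site can no longer acquire shared_template from the instance root either, which is the trade-off the reply is pointing at when it says a VHM-aware version would be the harder problem.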