[Zope] Security Hole in ZPublisher.BaseRequest.BaseRequest.traverse?
Dieter Maurer
dieter at handshake.de
Wed Feb 16 13:04:41 EST 2005
Chris Withers wrote at 2005-2-16 09:55 +0000:
> ... ZPublisher security checking only the traversed to object ...
> ...
>This feels like a pretty horrible
>security hole to me :-(
>
>What do other people think?
I see it as a feature not a bug.
It allows one to have subsites less strictly protected
than the upper layers.
This is essential, as Zope makes it quite difficult
to remove rights when going deeper into the hierarchy
while it is quite easy to add additional rights.
That traversal itself is not security checked is not
such a big problem because when the application tries
to access the ancestors from untrusted code, then
security checks are performed.
--
Dieter
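The two traversal policies contrasted above, as an added toy model written for this page (it is not Zope's code, and the names Node, traverse_final_only, traverse_every_hop and parent_of are assumptions): a members-only area containing a public subsite, reached either with a check on the final object only, as ZPublisher does, or with a check at every hop, plus the checked ancestor access that the reply relies on.

```python
# Toy model (added example, not Zope code) of the two traversal policies
# discussed in the thread. Node, traverse_final_only, traverse_every_hop
# and parent_of are assumed names, not ZPublisher API.
from dataclasses import dataclass, field

class Unauthorized(Exception): pass

@dataclass
class Node:
    name: str
    allowed_roles: frozenset          # roles permitted to access this object
    children: dict = field(default_factory=dict)
    parent: "Node | None" = None

    def add(self, child: "Node") -> "Node":
        child.parent = self
        self.children[child.name] = child
        return child

def check(node: Node, roles: set) -> Node:
    # The security check that every object access is supposed to pass.
    if not (node.allowed_roles & roles):
        raise Unauthorized(node.name)
    return node

def traverse_final_only(root: Node, path: str, roles: set) -> Node:
    # ZPublisher-style policy: walk the path unchecked, check the target only.
    node = root
    for seg in filter(None, path.split("/")):
        node = node.children[seg]
    return check(node, roles)

def traverse_every_hop(root: Node, path: str, roles: set) -> Node:
    # Stricter alternative: every ancestor on the path must be allowed too.
    node = check(root, roles)
    for seg in filter(None, path.split("/")):
        node = check(node.children[seg], roles)
    return node

def parent_of(node: Node, roles: set) -> Node:
    # Untrusted code reaching for an ancestor still goes through the check,
    # which is the compensating control the reply relies on.
    return check(node.parent, roles)

def build_site() -> Node:
    # Constructed sample tree: a members-only area containing a public subsite.
    root = Node("root", frozenset({"Anonymous", "Member"}))
    intranet = root.add(Node("intranet", frozenset({"Member"})))
    intranet.add(Node("public_subsite", frozenset({"Anonymous", "Member"})))
    return root
```

With the final-only policy an anonymous user reaches /intranet/public_subsite even though /intranet is members-only; with the every-hop policy the same request is refused at intranet, and in both models climbing from the subsite to its parent is refused for the anonymous user.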