[Zope] Re: Security
Hole in ZPublisher.BaseRequest.BaseRequest.traverse?
Chris Withers
chris at simplistix.co.uk
Tue Feb 22 14:12:19 EST 2005
Dieter Maurer wrote:
> When you change it, you will loose user folders in subsites
> (which are quite essential).
Why? all you'd need to do is open up "access contents information" so
anonymous users can traverse to the user folder...
>>What role-to-permissions mappings do you set so that no-one can access a
>>particular object's contents, once they know its id?
>
> In general, this is a very difficult questions.
>
> * The concrete permission depends on the object type.
> It is the permission that is defined with
> "declareObjectProtected(...)".
>
> Usually it is "Access contents information",
> but templates use "View" instead and
> other objects may choose to use a different permission.
>
> * Even when the "object permission" is not granted,
> special methods (protected by whatever permission)
> may still be able to access an object's content.
>
> Thus, you would need to revoke grants to such
> permissions as well.
Hmmm, a highly unsatisfactory answer :-( Not your fault Dieter, but I
really feel there should be some obvious, simple way to say "no, you
can't access anything in this folder or below unless you have permission X"
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
More information about the Zope
mailing list