AW: [Zope3-Users] Trusted traversers in z3c.layer: security
concerns
Markus Kemmerling
markus.kemmerling at meduniwien.ac.at
Tue Sep 11 14:07:05 EDT 2007
Hi Roger,
thank you for the quick reply.
Am 11.09.2007 um 17:47 schrieb Roger Ineichen:
[...]
> Stephan and I hade a couple of discussions about to write
> a introspection test framework which shows us what can get
> accessed and what not, based on the configure.zcml directives
> registered all over the project.
>
> Probably we can take another look at this and write some
> minimal hacker tool wich tries to hack a running server
> by trying acessing all views and adapters etc.
We are definitely interested in such a tool and I would be glad to
spend some time on this at the sprint.
> Such a tool should also be able to generate a PDF report
> showing the security settings. But that's another story...
... but the easier one, considering tools like RML and z3c.rml at
hand ;-)
Regards,
Markus Kemmerling
Medical University Vienna
Core Unit for Medical Education
P.O. Box 10 A-1097 Vienna
phone: +43-1-40 160-36 863 fax: +43-1-40 160-93 65 00
http://www.meduniwien.ac.at/bemaw/
More information about the Zope3-users
mailing list