[ZPT] How are you ZPT users securing your interfaces?

Kevin Gill Kevin.Gill at newaddress.ie
Thu Feb 10 03:35:37 EST 2005


Thanks Dieter,

I had seen that they could be deactivated. I didn't make the logical jump 
that I have to disable the feature. I will do that on my production systems.

Thanks

Kevin


----- Original Message ----- 
From: "Dieter Maurer" <dieter at handshake.de>
To: "Kevin Gill" <Kevin.Gill at newaddress.ie>
Cc: <zpt at zope.org>
Sent: Wednesday, February 09, 2005 8:25 PM
Subject: Re: [ZPT] How are you ZPT users securing your interfaces?


> Kevin Gill wrote at 2005-2-8 11:16 -0000:
>>I have used a site access method to prevent traversal of certain folders 
>>as
>>you suggested below. I reject IP's other than my office IP address. This 
>>is
>>a good security measure, and is much simpler than working access rights 
>>down
>>through all the scripts, methods etc that I use (possibly laziness).
>
> You are aware that AccessRules can be deactivated via specially
> constructed URLs?
>
> When you want to have real security via AccessRules, you
> will need to disable this feature (changing the code).
>
> -- 
> Dieter 



More information about the ZPT mailing list