[ZPT] How are you ZPT users securing your interfaces?
Kevin Gill
Kevin.Gill at newaddress.ie
Thu Feb 10 03:35:37 EST 2005
Thanks Dieter,
I had seen that they could be deactivated. I didn't make the logical jump
that I have to disable the feature. I will do that on my production systems.
Thanks
Kevin
----- Original Message -----
From: "Dieter Maurer" <dieter at handshake.de>
To: "Kevin Gill" <Kevin.Gill at newaddress.ie>
Cc: <zpt at zope.org>
Sent: Wednesday, February 09, 2005 8:25 PM
Subject: Re: [ZPT] How are you ZPT users securing your interfaces?
> Kevin Gill wrote at 2005-2-8 11:16 -0000:
>>I have used a site access method to prevent traversal of certain folders
>>as
>>you suggested below. I reject IP's other than my office IP address. This
>>is
>>a good security measure, and is much simpler than working access rights
>>down
>>through all the scripts, methods etc that I use (possibly laziness).
>
> You are aware that AccessRules can be deactivated via specially
> constructed URLs?
>
> When you want to have real security via AccessRules, you
> will need to disable this feature (changing the code).
>
> --
> Dieter
More information about the ZPT
mailing list