[ZCM] [ZC] 867/ 3 Comment ""FTP access" permission too broad"

Collector: Zope Bugs, Features, and Patches ... zope-coders-admin@zope.org
Thu, 27 Mar 2003 18:11:32 -0500 

Issue #867 Update (Comment) ""FTP access" permission too broad"
 Status Rejected, Zope/bug medium
To followup, visit:
  http://collector.zope.org/Zope/867

==============================================================
= Comment - Entry #3 by Cantanker on Mar 27, 2003 6:11 pm

> "FTP Access" - do things via FTP.

Yes, that's my point.  "Things" is *everything*, that is, it's too broad.

> So, if you want a role to be able to only view things by FTP,

No, that is not what I said.  I said I want to restrict a user's FTP access, not restrict a user *to* FTP access.

Consider this layout:

/users/acl_users
/users/user1
/users/user2
/users/user3

The owner of folder userX is the user /users/acl_users/userX, and I grant the role Owner the appropriate management permissions on /users ("View management screens", "Add Documents, etc.", "FTP access").  user1 can log in to /users/user1/manage because they are the owner, but they can't manage /users.  But in order to traverse via FTP to /users/user1, they need "FTP access" on /users, which has to be granted to Authenticated which then allows them to view that folder, and everything in it unless I remove that permission individually from every object, which is not always practical.

The problem is a too-broadly-defined permission, "FTP access", which assumes all FTP operations are the same, which they are not.

The analogy is with the UNIX "executable" permission on a directory: you can access it (ie, "traverse" in Zope parlance) but you can't read it ("view" in Zope parlance).  This distinction is not made by the Zope access control machinery.


________________________________________
= Reject - Entry #2 by chrisw on Mar 27, 2003 2:10 am

 Status: Pending => Rejected

This is already pretty comprehensively covered:
"Access contents information" - Traverse and list folders
"View" - view the folder of execute/use things contained within it.
"FTP Access" - do things via FTP.

So, if you want a role to be able to only view things by FTP, give it the "Access cotents information" and "FTP Access" permissions, but not the "View" permission.
________________________________________
= Request - Entry #1 by Cantanker on Mar 27, 2003 12:35 am

The permission "FTP access" appears to control both *listing* folders and *traversing* folders.  This means a user must have the "FTP access" permission in all folders above the target just to view the target, making it impossible to restrict a user's FTP access to a particular folder.

I would recommend using the "View" permission for FTP traversal (so that it mirrors the behaviour of TTW), and "FTP access" to list the contents of that folder.
==============================================================