[Zope-dev] Re: vulnerability in zope 2.10.4

Andreas Zeidler az at zitc.de
Wed Jul 11 21:37:03 EDT 2007


On Jul 12, 2007, at 2:50 AM, Tres Seaver wrote:
>> so, unless i'm completely wrong here, i'd say this is a pretty
>> serious security hole, no?
>
> No.  It has been an accident that, until just recently, the
> filesystem-based templates in a Five view were running as "untrusted"
> code.

yep, martin's already told me the same on irc, along with the history
of your fix.  but thanks for the quick answer...

> So, for
> instance, it is possible for the author of the view class to write
> methods which exposed "private" attributes to the view's template, for
> instance (and has been since before Five was added to Zope).

i know that, of course, but was assuming that rendering five views as
untrusted code was intentional, especially since templates registered
for "*" could potentially be pretty harmful.  plus i wasn't expecting
an imho significant change like that to happen in a bugfix release.

but anyway, thanks for clarifying! :)


andi

--
zeidler it consulting - http://zitc.de/ - info at zitc.de
friedelstraße 31 - 12047 berlin - telefon +49 30 25563779
pgp key at http://zitc.de/pgp - http://wwwkeys.de.pgp.net/
sprint with us! - http://plone.org/events/sprints/potsdam-sprint-2007

