[Zope] Re: [Zope-dev] Introspection, managing External Methods?

Andreas Kostyrka andreas@mtg.co.at
Tue, 20 Jul 1999 15:32:59 +0200 (CEST)


On Sun, 18 Jul 1999, Robin Becker wrote:

> In article <lswvvxkauu.fsf@aldous.digicool.com>, michel@digicool.com
> writes
> >Robin Becker <robin@jessikat.demon.co.uk> writes:
> >
> ...
> >XML-RPC worms (now THAT would be cool!).  The last thing we want to
> >see is a back orifice for Zope, which is exactly what I think could be 
> >developed if we ever provided a hole through Zope's security machinery.
> >
> >-Michel
> in which case why allow any external methods since these allow exactly
> the things you wish to forbid.
Well, that's why they have to be installed in the filesystem. A mere Zope
site manager password is not enough for this :)

> Sitting at a terminal I can create a hole which is propagated
> via Zope. What is the difference if the hole is programmed via Zope?
The difference is authentication. I might allow some dummies management
access to Zope. Allowing the user to add his own external methods without
administration intervention is like allowing the user to install his own
CGI scripts. This can go wrong very fast.

Andreas
-- 
Win95: n., A huge annoying boot virus that causes random spontaneous system
     crashes, usually just before saving a massive project.  Easily cured by
     UNIX.  See also MS-DOS, IBM-DOS, DR-DOS, Win 3.x, Win98.