[Zope] scary security questions

Ty Sarna tsarna@endicor.com
12 May 2000 17:02:00 GMT


In article <391C3916.20D32849@digicool.com>,
Tres Seaver  <tseaver@digicool.com> wrote:
> The 'superuser' is about to become almost useless for standard site
> management (see the recent "Trojan" announcement for details).  This is
> a Good Thing(TM), as it will induce people to create "management" users,
> which are much simpler to secure. 

One thing I haven't seen addressed WRT the limiting of superuser's
access: How does one replace the top-level UserFolder? You can delete
the old one, but then the only users that are left to work with are
nobody and superuser, neither of whom is allowed to create anything.

This also seems bad from a disaster recovery standpoint. Used to be,
even if the top-level userfolder was screwed up you could still get in
and fix things as superuser...