[Zope] Security problems with localFS and PCGI

Jonothan Farr jfarr@real.com
Fri, 12 May 2000 17:36:50 -0700


You can restrict access to LocalFS in the following ways:

- by restricting the permissions of the Zope process in the file system
- by restricting the permissions of Zope users in the LocalFS object
- by limiting the base path of the LocalFS object. No one should be able to
access anything outside of the base path

I think in this case you would want to use method #3 don't create LocalFS
objects that can access your restricted content. For example, if your directory
structure is:

/home/www
    /data
    /images
    /secure

You could create LocalFS objects with base paths:

/home/www/data
/home/www/images

Then /home/www/secure could not be accessed. Unfortunately, there is no way to
create a LocalFS pointing to /home/www without giving it access to secure/. What
you could do in that case is move the content up to /home/www-secure and
configure apache to serve that directory from the base path /secure.

Hope this helps,
--jfarr

"Perl is worse than Python because people wanted it worse."
Larry Wall, 14 Oct 1998

----- Original Message -----
From: Alexandre A. Drummond Barroso <alexandre@intelligenesis.net>
To: <zope@zope.org>
Sent: Friday, May 12, 2000 4:33 PM
Subject: [Zope] Security problems with localFS and PCGI


> When Zope started as PCGI, it runs at the same user of the web server process
(I'm using a variant of Apache).
>
> So for every file the web server has access, localFS product has access too.
But some areas of the web site are restrict area (must
> be accessed with authentication certificates).
>
> If a content manager user can create localFS objects into Zope, the restrict
content can be accessed.
>
> Is there a way to configure Zope of localFS to limit access to files in file
system?
>
> Thanks for any help.
>
> Alexandre A. Drummond Barroso
> Extranet Software Engineer
> Intelligenesis Corp.