[Zope] Re: Zope digest, Vol 1 #1892 - 46 msgs

Gary Poster Gary Poster" <garyposter@earthlink.net
Fri, 25 Jan 2002 11:24:51 -0500


> From: "Lennart Regebro" <lennart@regebro.nu>
> From: "Heimo Laukkanen" <huima@fountainpark.org>
> > Now if someone in service1 tries an URL www.service1.com/service2/foo -
> > Zope tries to find -- and can access if it exists -- service2/foo. Is
> > there a way to prevent this kind of thing happening?
>
> I don't know if you can stop the aqcuisition. But setting rights properly
> should
> at least stop any security problems.

Simple solution, if it is acceptable to you, and does not involve creating
too many items: in each virtual root folder, mask the other folders by
creating a document object named, in your example, service2.  Put an error
message in it, or make it a script that raises a redirect to something else.

Gary