[Zope] Security Problem
Thu, 27 Mar 2003 11:39:44 +1000 (EST)
I have a Zope server running with two instances of plone, "Plone1" and
plone2 is a demo site with a user "Demo" having the role 'Manager' available
to the public. plone1 is a regular plone site.
If I log in to plone2 as the user Demo, then go to the following url:
The permissions are acquired from the demo site giving full Manager access
to my main plone site. This is obviously a serious problem.
Any ideas how I can stop the permissions from being acquired under that
situation without breaking anything?