[Zope] Security Problem

James Davies jamesd@mena.org.au
Sun, 30 Mar 2003 10:40:12 +1000


Having multiple roles seems like a huge overkill. When you get down to it, the
users are defined in acl_users, a regular object. If you stripped the
acquisition wrapper and placed acl_users in the context of the actual
container, you would bypass all those problems as the acl_users would only be
effective in siblings and their child nodes, which is the expected behaviour.

> If you configure priv_method in folder2 such that it is only viewable by
> folder2_admin, you won't be able to see it if your role is
> folder1_admin.  This suggests that the roles required for privileged
> operations should be tailored very carefully so as to be available only to
> those intended to have them.  Re-using roles is too permissive in most
> cases.