[Zope] acquisition and security
J. Cameron Cooper
jccooper at jcameroncooper.com
Wed Nov 19 18:10:13 EST 2003
Sune BrXndum WXller wrote:
>sorry, but this is the most silly thing i have seen so far !
>(and a bit annoying.....)
>That a folder aquires its sibling folders complete tree.
>I have several cmf-sites in the root of a zope-instance, which is
>hosted not by myself. I can actually write for instance
>www.dom1.com/dom2siterootfolder/dom2content and get content from
>site dom2.com shown in dom1.com
>
>No other way to stop aq. from its megalomania ?
>
>(its not a security issue, since the stuff has to be public, but its silly,
>and dangerous, inviting stupid things to happen.)
>
>
Acquisition is fundamental to Zope, and this is just the way things
work. And one of the features of this is that it doesn't insulate
between VHM sites. It may be a misfeature, but it is performing as designed.
Someone sufficiently clever and knowledgable (or sufficiently motivated)
about the acquisition machinery could probably figure out a way around
this. It should be easy to create a folder that does not acquire higher
than itself. And probably in all of 20 lines of filesystem code,
including boilerplate. Arranging things such that only acquisition to
folders mapped in a VHM is stopped, and doing it all in the VHM (so
generality of mapping targets is preserved) would pose a larger problem.
Still doable, I think, but I'm not about to go doing it for fun (it
doesn't really bother me that much.)
--jcc
--
"My point and period will be throughly wrought,
Or well or ill, as this day's battle's fought."
More information about the Zope
mailing list