[Zope3-dev] security problems with database adapters (second
edition)
Stephan Richter
srichter at cosmos.phy.tufts.edu
Sun Aug 28 17:12:05 EDT 2005
On Friday 26 August 2005 11:51, Velko Ivanov wrote:
> My question is, does this eventually mean, that ZopeConnection objects,
> which are created at run-time, are not security proxied and consequently
> unauthorized in all cases (except the system_user) and if yes, what
> should be done? I'm not familiar with the Zope3 environment and I don't
> know how and where objects get proxied.
> Or is there something I'm missing here ?
I think Dimitry addressed this problem. Is it still a problem? If so, do you
have enough experience to produce a functional test demonstrating the
problem?
Regards,
Stephan
--
Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training
More information about the Zope3-dev
mailing list