By the way, I think there are bigger security problems in cocoon...
Don't be shy and speak out loud :) What do have you in mind exactly? -- Torsten
Sorry - wasn't being shy, just trying to be quick and didn't have time to get fully into that fully right now (nor to fix what I mention ATM). For starters though there's this:
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=14286 (SQL injection in DatabaseAuthenicatorAction )
Also, is cocoon-reload still enabled by default? seems a wget in a loop with ?cocoon-reload=true could put a site in a world of hurt... (by the way, last time I checked Jetty/Cocoon cvs is barfing on that..)
I've worked on the multipart file uploads because I felt the original status posed security/abuse issues. It's now at a better point but I think there are still some issues I'm not (at an RF level) convinced are OK. IIRC the default is now to allow "in-memory" uploads only which is a step better.
I also should have said security "questions" at this stage, because I haven't had time to really dig into the nagging questions I've had in some areas. I'll do so and get back.
One I'd really like to look into is places where directory traversal could be successful, depending on your matchers.
OK, gotta get back to work - I'm in the middle of a launch.
Geoff
