Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-16 Thread Florent Guillaume
Oliver Bleutgen <[EMAIL PROTECTED]> wrote: > Although I repeat myself, implementing this proposal would give me a lot > of options to prevent myself from this kind of attack, completely or > partially. > > - In Internet Explorer I can disable javascript. (problem solved) > - In Internet Explor

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-15 Thread Toby Dickenson
On Friday 12 Apr 2002 7:19 pm, Jeffrey P Shell wrote: >that your proposal isn't up there (or the catalog is up to its old charms ;) No, it's not up there. >But now, does this mean I have to go through and tag every method that might >cause a state change? Or might not? You won't ever *have* to

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-12 Thread Oliver Bleutgen
Jeffrey P Shell wrote: > I have to now admit to not having seen the proposal, I've just been > following along here and struggling to capture the meaning of "idempotent" > as it applies to Zope security, but I *think* I'm starting to grok it. > Since a search for idempotent on zope.org yields no

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-12 Thread Oliver Bleutgen
Florent Guillaume wrote: > Oliver Bleutgen <[EMAIL PROTECTED]> wrote: > >>The issue of client side trojan recently came to my mind again. >>[..] >>I think zope's management methods (the potentially destructive ones) >>should not accept REQUESTs with REQUEST_METHOD "GET". >> > > I like the idea

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-12 Thread Florent Guillaume
Oliver Bleutgen <[EMAIL PROTECTED]> wrote: > The issue of client side trojan recently came to my mind again. >[..] > I think zope's management methods (the potentially destructive ones) > should not accept REQUESTs with REQUEST_METHOD "GET". I like the idea of trying to secure that kind of thing

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-12 Thread Toby Dickenson
On Thursday 11 April 2002 6:37 pm, Jeffrey P Shell wrote: >On 4/11/02 7:55 AM, "Toby Dickenson" <[EMAIL PROTECTED]> >Then you're lucky. Usually, any time I see "someNonIdempotentMethod()">, I immediately change it to the name lookup >call. Don't blame me, I've been following this paradigm for

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Toby Dickenson
On Thu, 11 Apr 2002 18:53:54 +0200, Oliver Bleutgen <[EMAIL PROTECTED]> wrote: >With the implementation of Toby's proposal (barring the dtml-var thing, >which isn't needed for that, as far as I see) Correct. The dtml-var change only helps guard against a careless dtml/zpt author reopening the s

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Oliver Bleutgen
Casey Duncan wrote: [SNIP] > > Also, are we talking about only fixing the "action on GET" for the ZMI > or for all Zope apps? If the answer is "Just the ZMI" then we are > talking about doing something that has not been done before: Making the > ZMI different from all other Zope apps. If the a

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Toby Dickenson
On Thursday 11 April 2002 5:16 pm, Casey Duncan wrote: >The most troublesome case is where foo accepts any number of arguments >(such as a DTML method or ZPT or any other method with **kw), and you >cannot know whether it changes objects or simply returns some string or >something. Yes, that is

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Lennart Regebro
From: "Casey Duncan" <[EMAIL PROTECTED]> > My point is how do you distinguish meaning "Call foo > passing everything from the namespace that maps to an arg" from > meaning "Call foo passing everything, but foo doesn't use > anything" from "Call foo and foo takes no arguments" from > "foo is not

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Oliver Bleutgen
First, Toby, thanks for that proposal, it's indeed far more elegant than the mess I had in mind. Casey Duncan wrote: > Toby Dickenson wrote: > [snip] > >> 4. Change dtml to not allow , >> although it should still allow > > > Ahhh! > > How do you propose to do that? I see a lot of bruised f

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Casey Duncan
is not even close to the equivalent of The former uses mapply to comb the namespace for arguments and maps them to the callable and then calls it (if it is a callable, that is). IOW foo could have any number of arguments. The latter always calls foo with no argument. My point is how do you

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Toby Dickenson
On Thursday 11 April 2002 4:39 pm, Casey Duncan wrote: >Toby Dickenson wrote: >[snip] > >> 4. Change dtml to not allow , although >> it should still allow > >Ahhh! > >How do you propose to do that? I see a lot of bruised foreheads >resulting from this... Really? only works with methods that tak

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Casey Duncan
Toby Dickenson wrote: [snip] > 4. Change dtml to not allow , although it > should still allow Ahhh! How do you propose to do that? I see a lot of bruised foreheads resulting from this... > How many problems would this cause. [snip] > > c. It affects code that uses to call a > method w

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-11 Thread Toby Dickenson
On Wednesday 10 April 2002 5:07 pm, Brian Lloyd wrote: >> >> should not accept REQUESTs with REQUEST_METHOD "GET". >> > >> >This is hard, hard, problem. While some good ideas have been >> >proposed, there is not really a quick fix that doesn't have >> >some downside that some group somewhere consi

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-10 Thread Oliver Bleutgen
Lennart Regebro wrote: > From: "Oliver Bleutgen" <[EMAIL PROTECTED]> > >>I was thinking more of something like adding the checks individually to >>each method in stock zope for which it is appropriate. >> >>Brian is of course right in his other mail by stating that this might >>and will break cus

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-10 Thread Lennart Regebro
From: "Oliver Bleutgen" <[EMAIL PROTECTED]> > I was thinking more of something like adding the checks individually to > each method in stock zope for which it is appropriate. > > Brian is of course right in his other mail by stating that this might > and will break custom products which use the wr

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-10 Thread Oliver Bleutgen
Lennart Regebro wrote: > From: "Oliver Bleutgen" <[EMAIL PROTECTED]> > >>I think zope's management methods (the potentially destructive ones) >>should not accept REQUESTs with REQUEST_METHOD "GET". >> > > Do you have any proposal for how to go about doing this? Well, I don't see how one could

RE: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-10 Thread Brian Lloyd
> >> should not accept REQUESTs with REQUEST_METHOD "GET". > > >This is hard, hard, problem. While some good ideas have been > >proposed, there is not really a quick fix that doesn't have > >some downside that some group somewhere considers a > >showstopper :( > > I agree Oliver's suggestion i

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-10 Thread Lennart Regebro
From: "Oliver Bleutgen" <[EMAIL PROTECTED]> > I think zope's management methods (the potentially destructive ones) > should not accept REQUESTs with REQUEST_METHOD "GET". Do you have any proposal for how to go about doing this?

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-10 Thread Toby Dickenson
On Tue, 9 Apr 2002 13:17:40 -0400, "Brian Lloyd" <[EMAIL PROTECTED]> wrote: >> I think zope's management methods (the potentially destructive ones) and 'constructive' ones too >> should not accept REQUESTs with REQUEST_METHOD "GET". >This is hard, hard, problem. While some good ideas have be

Re: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-09 Thread Oliver Bleutgen
Brian Lloyd wrote: >>[proposal of disallowing GETs for management methods] >>The win would be that disabling javascript would make a client safe from >>this form of attack, AFAIK, OTOH I can't think of anything which would >>break ATM. >> > > While I don't necessarily disagree about making

RE: [Zope-dev] [RFClet]: What about the request method and the client side trojan?

2002-04-09 Thread Brian Lloyd
> The issue of client side trojan recently came to my mind again. > Looking at http://www.zope.org//Members/jim/ZopeSecurity/ClientSideTrojan > I found nothing new since Oct. 2001, so I thought I'd bring up the issue > again, maybe it's something which could be taken care of for zope => 2.6. > > I