Re: [Zope-dev] Import from upload?
- Original Message -
From: Toby Dickenson <[EMAIL PROTECTED]>

> I don't think that's going to fly. It's perfectly ok for a persistent
> object to contain something that shouldn't be creatable.

True enough. Further thought has made me realize that a persistent object could contain only valid instances and values, yet still subvert security simply by playing with normally inaccessible instance attributes (e.g. import an acl_users containing a user with roles you don't possess). Doing things right would involve inspecting each unpickled object minutely to make sure it didn't have a bomb in its guts.

Security is hard :-/

Cheers,
Evan @ digicool & 4-am

___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Import from upload?
- Original Message -
From: Chris Withers <[EMAIL PROTECTED]>

> Sin Hang Kin wrote:
> > In a web hosting environment like imeme.net, it is painful and insecure for
> > all to share the import directory for updating.
>
> And it's insecure for the service provider to allow importing over the
> web :(

Yesterday, Jim actually came up with the hint of the start of how web import could be made secure. It should be possible to write an unpickler which consults the security machinery and ensures that the pickle doesn't instantiate anything that the user doesn't have permission to make. It may be quite a while before someone actually writes this, unless one of you folks wants to give it a shot ;-)

Cheers,
Evan @ digicool & 4-am
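Evan's unpickler that consults the security machinery, together with his follow-up caveat that a pickle of permitted classes can still smuggle in forbidden state (an acl_users folder holding a user with roles the importer lacks), as an added Python example that is not code from the thread or from Zope itself. The Folder, User and Script classes, the ALLOWED set and the role comparison are constructed stand-ins for Zope's real security lookup.

```python
import io
import pickle

# Hypothetical stand-ins for persistent Zope classes (constructed for this example).
class Folder:
    def __init__(self, title, users=()):
        self.title, self.users = title, list(users)

class User:
    def __init__(self, name, roles):
        self.name, self.roles = name, list(roles)

class Script: pass  # something the importing user is NOT permitted to create

# Classes the importer may instantiate; stands in for a query to the security machinery.
ALLOWED = {(__name__, "Folder"), (__name__, "User")}

class RestrictedUnpickler(pickle.Unpickler):
    """Step 1: refuse to resolve any global the importer lacks permission to instantiate."""
    def find_class(self, module, name):
        if (module, name) not in ALLOWED:
            raise pickle.UnpicklingError(f"not permitted to create {module}.{name}")
        return super().find_class(module, name)

def validate_state(obj, importer_roles, seen=None):
    """Step 2: walk the unpickled graph; reject any User whose roles exceed the importer's."""
    seen = set() if seen is None else seen
    if id(obj) in seen: return True          # already checked (handles cycles)
    seen.add(id(obj))
    if isinstance(obj, User) and not set(obj.roles) <= set(importer_roles):
        return False
    children = (list(obj.items()) if isinstance(obj, dict)
                else list(obj) if isinstance(obj, (list, tuple, set, frozenset))
                else list(getattr(obj, "__dict__", {}).values()))
    return all(validate_state(c, importer_roles, seen) for c in children)

def import_outcome(data, importer_roles):
    """Return 'ok', 'forbidden class' (rejected in find_class) or 'forbidden state'."""
    try:
        obj = RestrictedUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError:
        return "forbidden class"
    return "ok" if validate_state(obj, importer_roles) else "forbidden state"

def sample_pickles():
    """Constructed inputs: a harmless folder, a disallowed class, and an acl_users-style folder."""
    manager = User("mallory", ["Manager"])   # role the importer does not hold
    return {"folder": pickle.dumps(Folder("docs")),
            "script": pickle.dumps(Script()),
            "acl_users": pickle.dumps(Folder("acl_users", [manager]))}
```

The class-level check alone accepts the acl_users pickle, which is exactly the gap Evan describes; only the state walk catches the extra role.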
Re: [Zope-dev] Import from upload?
Sin Hang Kin wrote:
> In a web hosting environment like imeme.net, it is painful and insecure for
> all to share the import directory for updating.

And it's insecure for the service provider to allow importing over the web :(

Chris