Re: [Zope-dev] Vulnerability in Zope

Andy McKay Sun, 23 Sep 2001 16:44:42 -0700
Haven't we been complaining about this automatic appending of tracebacks for
a while? To me this is what log files are for.... but Im not sure what this
guy is on. I wouldnt count this as a "security vulnerability".

----- Original Message -----
From: "Chris Withers" <[EMAIL PROTECTED]>
To: "Paul Everitt" <[EMAIL PROTECTED]>; "ALife" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Sunday, September 23, 2001 10:44 AM
Subject: Re: [Zope-dev] Vulnerability in Zope


> > Do others consider this a vulnerability?
>
> Yup... especially given the hard-coded (sigh) error page returned for
> authentication error gives out this information :-(
>
> Chris
>
>
>
> _______________________________________________
> Zope-Dev maillist  -  [EMAIL PROTECTED]
> http://lists.zope.org/mailman/listinfo/zope-dev
> **  No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope )
>



_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Vulnerability in Zope

Reply via email to
