On Fri, 27.08.2004 at 11:32, Lennart Regebro wrote:
> Lennart Regebro wrote:
> > Another idea: Maybe I could make an object that does not have public 
> > access, and store that in the session?
> That seems to work!
> Here is the class:
> class ProtectedUsername:
>      """An object where the username is not accessible from user code."""
>      def _setUsername(self, username):
>          # double underscore: name-mangled to _ProtectedUsername__username
>          self.__username = username
>      def _getUsername(self):
>          return self.__username
> Very simple indeed.
> It is impossible to define a class that has methods that start with 
> underscore from user code, and even other user-code classes seem not to 
> be picklable (is that correct?), so even though you can replace the value 
> of SESSION['__ac'] you can't replace it with any user-code object, and 
> definitely not with anything that has a _getUsername() method.
> And, as additional security, when I use it I check that it really is a 
> ProtectedUsername object:
>      if ob is not None and isinstance(ob, ProtectedUsername):
>          username = ob._getUsername()
> This *should* mean that, as long as you don't allow user code to import a 
> ProtectedUsername object, it should be safe. In fact, you can't even 
> figure out what the username is. ;)
Even a traceback will not show this username anymore if it's inside
an object without __repr__ :-)
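The pattern discussed in this thread, as an added example that is not code from the original message or from Zope itself. It models the one rule the argument relies on, that restricted (untrusted) code can never reach a name beginning with an underscore, with a small stand-in guard called guarded_getattr (an assumption for this example; real Zope uses its own RestrictedPython machinery), and then shows the trusted side rejecting a forged object and the default repr not leaking the username. The session dict, the name Forged and the username "alice" are constructed for the example.

```python
"""Session-stored username that is opaque to restricted code (added example)."""


class ProtectedUsername:
    """Holds a username behind underscore-prefixed accessors only."""

    def __init__(self, username):
        self._setUsername(username)

    def _setUsername(self, username):
        # Double underscore: Python name-mangles this to _ProtectedUsername__username.
        # That is a naming convention, not a security boundary; the guard below is.
        self.__username = username

    def _getUsername(self):
        return self.__username

    # Deliberately no __repr__/__str__: the default repr is "<...ProtectedUsername
    # object at 0x...>", so a traceback or log line printing the object leaks nothing.


def guarded_getattr(obj, name):
    """Stand-in (assumption) for the restricted-code attribute guard.

    Models only the rule that names starting with '_' are never reachable
    from untrusted code; everything else is passed through to getattr().
    """
    if name.startswith("_"):
        raise AttributeError("access to %r is denied" % name)
    return getattr(obj, name)


def username_from_session(session):
    """Trusted-side extraction: accept only a genuine ProtectedUsername."""
    ob = session.get("__ac")
    if ob is not None and isinstance(ob, ProtectedUsername):
        return ob._getUsername()
    return None


class Forged:
    """What a user-code forgery would look like if it could reach the session:
    same accessor name, but not the trusted class, so isinstance() rejects it."""

    def _getUsername(self):
        return "admin"


def demo():
    """Run the checks and return a dict of outcomes (constructed sample data)."""
    session = {"__ac": ProtectedUsername("alice")}
    results = {}
    # Untrusted code can reach neither the accessor nor the mangled attribute.
    for name in ("_getUsername", "_ProtectedUsername__username", "__dict__"):
        try:
            guarded_getattr(session["__ac"], name)
            results[name] = "leaked"
        except AttributeError:
            results[name] = "denied"
    results["trusted"] = username_from_session(session)
    results["repr_leaks"] = "alice" in repr(session["__ac"])
    results["forged"] = username_from_session({"__ac": Forged()})
    # Outside the guard the name mangling is trivially bypassed: this is why the
    # scheme depends entirely on the restricted-code rule, not on the class.
    results["unguarded"] = getattr(session["__ac"], "_ProtectedUsername__username")
    return results


if __name__ == "__main__":
    for key, value in sorted(demo().items()):
        print("%-32s %r" % (key, value))
```

The last entry in the results is the caveat a practitioner should keep in mind: plain `getattr`, `vars(ob)` or a pickle of the session reveal the username immediately, so the protection holds exactly as far as the underscore rule of the restricted execution environment holds, and no further.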


Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope )
