-----BEGIN PGP SIGNED MESSAGE-----
Lennart Regebro wrote:
> On Thu, Jan 22, 2009 at 10:38, Chris Withers <ch...@simplistix.co.uk> wrote:
>>> Note that Jim never explained to me how he does these audits, but I gathered
>>> some methods he used in conversations. I think I did a pretty thorough job
>>> during the review.
>> Yeah, this disturbs me a lot still though :-S
> I know the feeling. :) I completely trust that Stephan did a good job
> if he thinks he did, but I would be happy if we could gather a bunch
> of smart people to spread the knowledge. Maybe a security review
> sprint at PyCon, or somesuch? I'd like to hang in a corner and suck up
> the smartness. :)
> Or, I'd love to help in a sprint to move to security proxies. It's a
> major job of course, and the minimal job is to make proxies that
> replicate the current very complex and idiosyncratic Zope2 security.
> At least such a sprint should be able to locate any big problems and
> "impossibilities" so we can think of a path to fix that.
Ugh. -1 to any attempt to use "space suits" in Z2. I would rather move
to a model which made it easy to mark some / all TTW objects as
"trusted", disabling security checks altogether: the "untrusted users
can edit TTW code" use case is pretty much irrelevant for any site I
have worked on, with the exception of "old Zope.org", in ten years of
working with Zope.
Tres Seaver +1 540-429-0999 tsea...@palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -