On 28/10/2011 08:46, yuppie wrote:
> Is that the fault of the publisher? AFAICT the biggest security problem
> of Zope2 is this line in OFS.SimpleItem.Item:
> # Allow (reluctantly) access to unprotected attributes
> I'm not familiar with the details of the first hotfix, but the second
> one wouldn't have been necessary without that line.
Yep, that's what should have been done in the first place.
Simplistix - Content Management, Batch Processing & Python Consulting
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -