Been playing around with WebDAV from IE5 connecting to a RedHat 6.1
+Zope 2.1.6

And it seems that quite a bit of the stuff that propably shouldn't be
visible can be seen,
for example acl_users

Without being logged in I can start a download of it, eventually IE5
fails, but I get this uncomfortable feeling that this is more due to IE5
not handling this document type than anything else...

If I used some other WebDAV client, could I then download acl_users, and
if so, would this expose usernames/passwords?

I haven't fiddled with the Security Tab for acl_users, so it should be
default permissions. Are they bad and what should they be changed to?

Phone: +46-708-555 456
Am I there?

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to