Been playing around with WebDAV from IE5 connecting to a RedHat 6.1
+Zope 2.1.6
And it seems that quite a bit of the stuff that propably shouldn't be
visible can be seen,
for example acl_users
Without being logged in I can start a download of it, eventually IE5
fails, but I get this uncomfortable feeling that this is more due to IE5
not handling this document type than anything else...
If I used some other WebDAV client, could I then download acl_users, and
if so, would this expose usernames/passwords?
I haven't fiddled with the Security Tab for acl_users, so it should be
default permissions. Are they bad and what should they be changed to?
---
Mail: [EMAIL PROTECTED]
Phone: +46-708-555 456
Am I there? http://maja.luba.se/jacob/jacob.jpg
_______________________________________________
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )
