-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

bruno modulix wrote:

> Dieter, I didn't misunderstood your proposed solution. But some users
> exist in different CPMs with different roles in each CPM. So - unless
> I'm totally at lost with how Zope's security works - if User1 has role
> RoleWithMuchPrivileges in Cpm1 and role RoleWithFewPrivileges in Cpm2,
> he could gain RoleWithMuchPrivileges in Cpm2 just by using faked url
> cpm1/cpm2/whatever_he_should_not_access_here. Worse, anyone existing in
> any CPM could gain access to any other CPM just by faking url.

The Zope2 security machinery explicitly prevents such abuse by
considering only "containment" acquisition when evaluating local roles,
acquired permission maps, etc.  It also insists that the user being
considered exist "in context of" the object being validated.


Tres.
- --
===================================================================
Tres Seaver          +1 202-558-7113          [EMAIL PROTECTED]
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDPTcq+gerLs4ltQ4RAuJKAJ0Y6z6iNRMuH7AgjVvF3rOI5FTFkQCfV5SU
zV03BmP/HeQa2KHVFhhHdrA=
=JmJp
-----END PGP SIGNATURE-----

_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to