-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cliff Ford wrote:
> My people want to adopt a single sign-on system for web applications
> that is based on the REMOTE_USER environment variable. I have tried out
> RemoteUserFolder and also adapted exUserFolder to work similarly.
> 
> My problem is that I figured out how a user who has permission to create
> python scripts (might work with dtml and page templates too) could
> access otherwise forbidden content by making calls that pretend to come
> from another user. Has any one else come across this problem and devised
> a solution, either in software or organisation?
> 
> Problem verified with Zope 2.9.2 and latest RemoteUserFolder


User folders who care need to look at the request's 'environ' dict, e.g.::

  remote_user = request.environ['REMOTE_USER']  # not hackable

rather than the default one where untrusted code can scribble::

  remote_user = request['REMOTE_USER']  # hackable


Tres.
- --
===================================================================
Tres Seaver          +1 202-558-7113          [EMAIL PROTECTED]
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFEaMVi+gerLs4ltQ4RAqUIAJsHpcPQTX7jv+db+DRG9TApaIImVQCgqCZn
lPXu2KJoCLtTOSTyUJTIJ24=
=3r0r
-----END PGP SIGNATURE-----

_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to