----- Original Message -----
From: "Mark, Jonathan (Integic)" <[EMAIL PROTECTED]>
To: "Jonathan" <[EMAIL PROTECTED]>; <email@example.com>
Sent: Friday, January 26, 2007 2:32 PM
Subject: RE: [Zope] Is there any way to turn off the publishing of
externalmethods to the web in Zope?
Using a proxy role on the calling Python Script worked. My guess is that a
clever hacker could call the Python Script continually and then create a
race condition that would permit him to call the External Method directly
in a URL, thus passing the External Method his own malicious parameters.
That's why i suggested, in an earlier response, a URL test within the
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -