[ZDP] BackTalk to Document The Zope Book (2.5 Edition)/Users and Security

webmaster@zope.org webmaster@zope.org
Fri, 04 Oct 2002 01:15:14 -0400


A comment to the paragraph below was recently added via http://www.zope.org/Documentation/Books/ZopeBook/current/Security.stx#4-25

---------------

        The emergency user is only really useful for two things:
        fixing messed up permissions, and creating manager
        accounts. As we saw in Chapter 2, "Using Zope" you can log in
        as the emergency user to create a manager account when none
        exist. After you create a manager account you should log out
        as the emergency user and log back in as the manager.

          % shawnharrison - Oct. 4, 2002 1:15 am:
           I guess I don't understand "emergency user." What prevents Joe Anonymous user from creating a Joe A.
           Emergency user for himself, with which he makes a Joe A. E. Manager user for himself to hack the system?