[Zope-CMF] CopySupport and FSPythonScripts?

Dieter Maurer dieter@handshake.de
Thu, 16 Aug 2001 23:00:14 +0200 (CEST)


Robert Rottermann writes:
 > .... Pasting raises "Unauthorized"
 > All this object creating and copying is done in a python script. Its has
 > every possible proxy role.
This is a (serious) bug in "CopySupport._verifyObjectPaste",
as found out be Lee Harr recently.
"_verifyObjectPaste" does not take "execution security" into
consideration: proxy roles and owner security of the executing
object are ignored. 


Dieter