[Zope-dev] Server Side Trojan Issue really dead?

Chris Withers chrisw@nipltd.com
Mon, 07 Aug 2000 14:24:20 +0100


Itamar Shtull-Trauring wrote:
> > Another simpler solution is to make all the pages unowned, make new
> > pages unowned, and make them remain unowned even when edited.
> 
> I think "unowned" in 2.2 is the like the 2.1 behaviour - executes at the
> privilige level of the viewer.

:(

I'd prefer it to be like the Unix 'nobody' but maybe this was needed for
backward compatability?

cheers,

Chris