[Zope] Re: superuser confusion

Evan Simpson evan@4-am.com
Tue, 5 Sep 2000 01:49:30 -0400


From: "Chris McDonough" <chrism@digicool.com>
> On Mon, 4 Sep 2000, Chris Withers wrote:
> > Well, okay, let me rephrase the question:
> > Why is it bad for the bootstrap user to own anything?
> > It used to be considered okay before Zope 2.2, so what has been
> > changed/discovered that makes this now such a bad idea that despite
> > loads of newbie pain and confusion, it's still worthwhile/necessary?
>
> I've got to say I agree with you here.  I'm still not 100% sure why the
> superuser or bootstrap user can't own anything.

It's due to a combination of the trojan horse issue and the sticky
authentication issue, I think.  You really don't want to be authenticated as
super very often, because while you are, if you visit a page someone else
wrote, they can make your browser do evil things to your site.  This is also
true of Managers, but less so.  Similarly, a page owned by non-super has
tighter permissions than one owned by the super would.

Ideally, people working in a site should be operating with the bare minimum
of privileges to get the job done.  The super should only be called in when
no one else can fix it.

Cheers,

Evan @ digicool & 4-am