[Zope] acquisition and security

Jamie Heilman jamie at audible.transient.net
Tue Nov 18 21:41:05 EST 2003


Paul Howell wrote:
> I have several sites running next to each other, each in its own folder, 

The easy answer is, "don't do that."  If you want data integrity
between virtualhosts, don't store them in the same zope instances.

The complicated answer is to use a Site Access Rule to stop undesired
acquisition.  No I don't have any examples because I've never seen it
done.  Its the solution has been offered up before for this problem
but nobody ever seems to pony up an actual example of working code.
Perhaps it doesn't matter anyway as Site Access Rules are trivial to
bypass and probably shouldn't be used for security (or anywhere they
must reliably trigger).  

-- 
Jamie Heilman                     http://audible.transient.net/~jamie/
"Most people wouldn't know music if it came up and bit them on the ass."
                                                        -Frank Zappa



More information about the Zope mailing list