[Zope] Re: REMOTE_USER Security Issue
Martijn Pieters
mj at zopatista.com
Tue May 16 08:58:05 EDT 2006
On 5/16/06, Cliff Ford <Cliff.Ford at ed.ac.uk> wrote:
> So I still wonder if anyone who is ising the REMOTE_USER environment
> variable is aware of a problem and has a solution.
Environment-related variables should not be "hackable" from restricted
code. Please file a report in de Zope Collector:
http://www.zope.org/Collectors/Zope
You'll need to log in (create a Zope.org account if you don't yet have
one), and make sure you check the 'security related' tickbox.
Thanks,
--
Martijn Pieters
More information about the Zope
mailing list