[Zope] Is there any way to turn off the publishing of externalmethods to the web in Zope?

Chris Withers chris at simplistix.co.uk
Mon Jan 29 06:09:32 EST 2007


Mark, Jonathan (Integic) wrote:
> Using a proxy role on the calling Python Script worked. My guess is that a clever hacker could call the Python Script continually and then create a race condition that would permit him to call the External Method

Why would calling a python script continuously set up a race condition?

> However, for now Proxy is sufficient. Thanks. 

If you can find a security hole, it'd be addressed pretty fast...

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk


More information about the Zope mailing list