Ivo van der Wijk wrote:
> I tried to ask this on the standard zope list, but no one seemed to know
> anything about it. Perhaps you do?
>
> We provide zope hosting, both folder based (where people have access
> to their own folder, mapped to a domain, and no access to the zope
> server / source / var / import / lib directories) and pure zope hosting
> (i.e. an entire own zope server for this customer)
>
> In the folder case, one of our customers wishes to upload his locally
> developed site as .zexp to our zope server and import it there.
>
> Can this be done safely? I.e. without compromising the other customers'
> security?

No. It's not just difficult, but with zexp it's not possible.

>
> From some discussions we had on #zope I understand that especially
> proxy roles may be a problem which may be fixed by requiring the user
> to take ownership.
>
> Would this fix all security issues? Or are there any other unforeseen problems?
>
> Would anyone know another solution to achieve the same functionality?
> (ftp won't work, as you can't, for example, upload userfolders)
>
> Would it be possible to perform a scan on XML exports for unwanted
> proxy roles and other security issues?

There are infinite ways to plant a security hole in a .zexp.
What you're really looking for is a different kind of import/export
format. This is actually a great opportunity for a new product:
something that can import and export only specific kinds of objects and
can strip security-related attributes. It could be web-enabled rather
than requiring filesystem access.

I guess the question is then "how badly do you want it"? :-)

Shane
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
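
The importer suggested in the reply above (accept only specific kinds of objects, strip security-related attributes), sketched as an added example that is not part of the original thread or of Zope. The dict-based export layout and the names `BASE`, `EXTRA`, `sanitize` and `Rejected` are assumptions; the security attribute names are Zope's. It keeps only allowlisted attributes instead of scanning for known-bad ones, so an attribute nobody anticipated is dropped too.

```python
import re

# Hypothetical neutral export format (not .zexp): nested dicts decoded from
# JSON, one per object. Allowlist of attributes the importer will recreate.
BASE = {"meta_type", "id", "title"}
EXTRA = {"Folder": {"children"}, "File": {"content_type", "data"},
         "Image": {"content_type", "data"}, "DTML Method": {"source"}}
# Zope attribute names that hold security state. Used only to label the
# report; anything outside the allowlist is dropped whether it matches or not.
SECURITY_ATTR = re.compile(
    r"_proxy_roles|_owner|__ac_local_roles__|__ac_roles__|__roles__|_\w+_Permission")
SAFE_ID = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")

class Rejected(ValueError):
    """The upload contains something the importer will not create."""

def sanitize(node, report, path=""):
    """Return a copy of node holding only allowlisted types and attributes."""
    mtype = node.get("meta_type") if isinstance(node, dict) else None
    if not isinstance(mtype, str) or mtype not in EXTRA:
        raise Rejected(f"{path or '/'}: object type {mtype!r} not importable")
    oid = node.get("id")
    if not isinstance(oid, str) or not SAFE_ID.fullmatch(oid):
        raise Rejected(f"{path or '/'}: invalid id {oid!r}")
    here, clean = f"{path}/{oid}", {}
    for key, value in node.items():
        if key not in BASE | EXTRA[mtype]:
            kind = "security" if SECURITY_ATTR.fullmatch(key) else "unknown"
            report.append((here, key, kind))  # dropped, never copied
        elif key == "children":
            if not isinstance(value, list):
                raise Rejected(f"{here}: children must be a list")
            clean[key] = [sanitize(child, report, here) for child in value]
        elif isinstance(value, str):
            clean[key] = value
        else:
            raise Rejected(f"{here}: {key} must be a string")
    return clean

# Constructed sample upload carrying local roles, proxy roles and an owner.
SAMPLE = {"meta_type": "Folder", "id": "site", "title": "Customer site",
          "__ac_local_roles__": {"mallory": ["Owner"]},
          "children": [{"meta_type": "DTML Method", "id": "index_html",
                        "source": "<dtml-var title>",
                        "_proxy_roles": ["Manager"], "_owner": "admin"}]}
```

The importing side would then create each object itself from the cleaned record, under the importing user's own ownership and permissions.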