Hi,

On Fri, 27.08.2004 at 11:32, Lennart Regebro wrote:
> Lennart Regebro wrote:
> > Another idea: Maybe I could make an object that does not have public
> > access, and store that in the session?
>
> That seems to work!
>
> Here is the class:
>
> class ProtectedUsername:
>     """An object where the username is not accessible from user code."""
>     def _setUsername(self, username):
>         self.__username = username
>
>     def _getUsername(self):
>         return self.__username
>
> Very simple indeed.
>
> It is impossible to define a class that has methods that start with
> underscore from user code, and even other usercode classes seem not to
> be picklable (is that correct?), so even though you can replace the value
> of SESSION['__ac'] you can't replace it with any usercode object, and
> definitely not with anything that has a _getUsername() method.
> And, as additional security, when I use it I check that it really is a
> ProtectedUsername object:
>
> if ob is not None and isinstance(ob, ProtectedUsername):
>     username = ob._getUsername()
>
> This *should* mean that, as long as you don't allow usercode to import a
> ProtectedUsername object, it should be safe. In fact, you can't even
> figure out what the username is. ;)

Even a traceback will not show this username anymore if it's inside an object without __repr__ :-)
Regards
Tino

_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
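A stand-alone sketch of the scheme discussed in the thread above, added here as an illustration (it is not Lennart's code nor part of Zope). The `restricted_getattr` guard is a hypothetical, simplified model of the underscore rule Zope's restricted Python applies to user code; `store_username`, `current_username`, `restricted_can_read` and `LookAlike` are likewise assumed names for this example.

```python
# Added illustration of the ProtectedUsername idea from the thread above.
# restricted_getattr below is a simplified stand-in for the rule that
# restricted (user) code may not touch names starting with '_'; it is not
# Zope's real implementation.


class ProtectedUsername:
    """Holds a username behind underscore-prefixed accessors only."""

    def _setUsername(self, username):
        self.__username = username  # mangled to _ProtectedUsername__username

    def _getUsername(self):
        return self.__username


class Unauthorized(Exception):
    """Raised when restricted code reaches for a private name."""


def restricted_getattr(ob, name):
    """Model of the restricted-code rule: any name starting with '_' is denied."""
    if name.startswith("_"):
        raise Unauthorized("attribute %r is private" % name)
    return getattr(ob, name)


def store_username(session, username):
    """Trusted code: wrap the name and keep it in the session under '__ac'."""
    ob = ProtectedUsername()
    ob._setUsername(username)
    session["__ac"] = ob


def current_username(session):
    """Trusted code: honour only a genuine ProtectedUsername, else None."""
    ob = session.get("__ac")
    if ob is not None and isinstance(ob, ProtectedUsername):
        return ob._getUsername()
    return None


def restricted_can_read(session):
    """Could restricted code reach the accessor through the guard? (expect False)"""
    try:
        restricted_getattr(session["__ac"], "_getUsername")
    except Unauthorized:
        return False
    return True


class LookAlike:
    """A substitute with the same method name but the wrong type; rejected by isinstance."""

    def _getUsername(self):
        return "someone-else"
```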