Hi > Betreff: [Zope-dev] Re: Request typing (to get the xmlrpc > layer discussionfinished)
[...] > > We tend to think up complex use cases and then make the > zope framework > > more complicated to deal with them. Sometimes these are legitimate > > use cases, but they are rarely common cases and their > solutions should > > generally not be inflicted on the masses. Configure views on layers will prevent us form backdoors if we reuse this easy installable eggs ;-) Here is a simple sample of such a built-in backdoor: At our fresh zope installation: http://localhost:8080/@@absolute_url Of corse it's not this dangerous, but it shows you what I mean. I could you show many more of such built-in backdoors on production system, but will not do this here because of security reason. Regards Roger Ineichen _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
