On Tue, Nov 15, 2005 at 11:02:06AM +0000, Chris Withers wrote:
| Philipp von Weitershausen wrote:
| >True, it's not the nicest solution. But you could make it safer by first
| >stripping the according request variable from the QUERY_STRING.
| >mod_rewrite is quite powerful in that respect.
|
| Is it just me, or should a deep feeling of uneasiness accompany the
| extraction of authentication credentials from a query string? ;-)

It's not just you. :-)

The hole this creates is: someone makes an HTTP request directly to Zope, bypassing Apache altogether. This request could simply present any username desired.

Some ways to limit the exposure of the hole are to have Zope listen on the loopback interface only. Then prevent all shell access on the system. The only remaining hole at this point is if someone can abuse some other network-accessible service and coerce it into making the request (or to open a back door).

-D

--
Bugs come in through open windows. Keep Windows shut!

www: http://dman13.dyndns.org/~dman/
jabber: [EMAIL PROTECTED]
_______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
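
The mitigation discussed in this thread, sketched as an added example (not part of the original messages and not Zope's own code): a WSGI-style gate that always strips the proxy-supplied username variable from QUERY_STRING and honours it only when the request's peer is a loopback address. The parameter name `remote_user` and the use of a WSGI `environ` are assumptions made for illustration.

```python
import ipaddress
from urllib.parse import parse_qsl, urlencode

# Hypothetical name of the variable the Apache rewrite rule appends.
AUTH_PARAM = "remote_user"


def is_loopback(addr):
    """True only for a syntactically valid loopback peer address."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def trusted_user(environ):
    """Return the proxy-asserted username, or None if it must not be trusted.

    Side effect: AUTH_PARAM is always removed from QUERY_STRING, so the
    application never sees a copy of it, whoever sent the request.
    """
    pairs = parse_qsl(environ.get("QUERY_STRING", ""), keep_blank_values=True)
    values = [v for k, v in pairs if k == AUTH_PARAM]
    environ["QUERY_STRING"] = urlencode([(k, v) for k, v in pairs if k != AUTH_PARAM])

    # A request that did not arrive over loopback bypassed the front end.
    if not is_loopback(environ.get("REMOTE_ADDR", "")):
        return None
    # More than one value means the front end did not strip a client-supplied
    # copy before appending its own; refuse rather than guess which is real.
    if len(values) != 1 or not values[0]:
        return None
    # Residual risk noted in the thread: any local process, or a local
    # service coerced into making the request, also connects from loopback.
    return values[0]


class ProxyAuthGate:
    """WSGI middleware that sets REMOTE_USER only from a trusted assertion."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        user = trusted_user(environ)
        environ.pop("REMOTE_USER", None)
        if user is not None:
            environ["REMOTE_USER"] = user
        return self.app(environ, start_response)
```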