Mailing List Archive

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://collective-docs.plone.org/security/permissions.html#bypassing-permission-checks

(works only from trusted code like browser views or package code - not
from PythonScripts)

- -aj

Brian Sullivan wrote:
> I am looking at a situation (an online self registry process) where I
> want to allow a user that is not logged in to be able to create a user
> and do a number of other functions normally reserved for and
> restricted to logged in users with a fairly elevated rights. I need to
> perform these functions from a Python script.
>
> What is the best strategy for doing this? I am thinking that creating
> a separate python script that has elevated rights and allowing
> Anonymous access to it and calling it from a script that does not have
> elevated rights is the best strategy to manage it. Am I creating a
> huge security hole by doing this?
> _______________________________________________
> Zope maillist - Zope@zope.org
> https://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> https://mail.zope.org/mailman/listinfo/zope-announce
> https://mail.zope.org/mailman/listinfo/zope-dev )


- --
ZOPYX Limited | zopyx group
Charlottenstr. 37/1 | The full-service network for Zope & Plone
D-72070 Tübingen | Produce & Publish
www.zopyx.com | www.produce-and-publish.com
- ------------------------------------------------------------------------
E-Publishing, Python, Zope & Plone development, Consulting


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQGUBAEBAgAGBQJNDF54AAoJEADcfz7u4AZjP3ALv3Wf/qV13mgyzFz3Stm81tYg
PMe2v/mj2eYfLFXuPR4LhTnickMfRJJNdD/LYwOdK6GLgvh307GkM/0mrCrpeHoO
pIizuTuYhsl5ITdaUF3R+VcHlRmIZsNrYIEummmNAQjMW0hLA3XEefv9KvlV+P53
q6rzHq4n9T4JkKBh/QX0KiMVZOHeRjV1AnC3hXyqhbZCd8/pCgJDVsecbEBWlFrj
izDhb6q+THHsjzRTbKzljnXJw8/he8TeCbN8cmjrlAVW5UhO/AIRQ2ikPh2GybAl
pUSRuHux78+WRaw4av1WG+XBWVS1uZNmJnsNFPNr8NY7OE7hvSBttZTVzWmf9VyT
jHWkpNKRROd83mpfZuHh3m9Ei6v5AvCFzr5Lt1O/M4bH4Rki8aqRqyzDy9fYEIW1
+CAhxUN511v2zSmcpmLClhkErZQP3qp0uXi+TIAj+/tbrXs8I7/fOlo/VWXMzxNy
XM85seHdMYlWgsRbX/sVJKn5NOpqLsk=
=UTd0
-----END PGP SIGNATURE-----

Hi all,

When I face a situation like Brian describes I am used to using Proxy
roles on the publicly available script to give it permission to do the
restricted actions. Is that a good approach or should I not use this?

One of the difficulties when using Proxy roles is that they do not
propagate to the scripts/methods being called by the script that has the
Proxy roles set.

Regards, Bart

PS. I'm new on the mailing list. My name is Bart Jansen and in my spare
time I manage a couple of Zope2 sites for non-profit student sports
clubs in the Netherlands.

Op 18-12-2010 8:10, Andreas Jung schreef:
> http://collective-docs.plone.org/security/permissions.html#bypassing-permission-checks
>
> (works only from trusted code like browser views or package code - not
> from PythonScripts)
>
> -aj
>
> Brian Sullivan wrote:
>> I am looking at a situation (an online self registry process) where I
>> want to allow a user that is not logged in to be able to create a user
>> and do a number of other functions normally reserved for and
>> restricted to logged in users with a fairly elevated rights. I need to
>> perform these functions from a Python script.
>
>> What is the best strategy for doing this? I am thinking that creating
>> a separate python script that has elevated rights and allowing
>> Anonymous access to it and calling it from a script that does not have
>> elevated rights is the best strategy to manage it. Am I creating a
>> huge security hole by doing this?
>> _______________________________________________
>> Zope maillist - Zope@zope.org
>> https://mail.zope.org/mailman/listinfo/zope
>> ** No cross posts or HTML encoding! **
>> (Related lists -
>> https://mail.zope.org/mailman/listinfo/zope-announce
>> https://mail.zope.org/mailman/listinfo/zope-dev )
>
>

_______________________________________________
Zope maillist - Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
https://mail.zope.org/mailman/listinfo/zope-announce
https://mail.zope.org/mailman/listinfo/zope-dev )

Yeah -- I rediscovered Proxy roles and that seems like the most
straightforward strategy -- not sure if there counter indicators
though that would make that strategy problematic.


On Sat, Dec 18, 2010 at 10:42 AM, Bart Jansen
<bart.jansen@esac.climbing.nl> wrote:
> Hi all,
>
> When I face a situation like Brian describes I am used to using Proxy
> roles on the publicly available script to give it permission to do the
> restricted actions. Is that a good approach or should I not use this?
>
> One of the difficulties when using Proxy roles is that they do not
> propagate to the scripts/methods being called by the script that has the
> Proxy roles set.
>
> Regards, Bart
>
> PS. I'm new on the mailing list. My name is Bart Jansen and in my spare
> time I manage a couple of Zope2 sites for non-profit student sports
> clubs in the Netherlands.
>
> Op 18-12-2010 8:10, Andreas Jung schreef:
>> http://collective-docs.plone.org/security/permissions.html#bypassing-permission-checks
>>
>> (works only from trusted code like browser views or package code - not
>> from PythonScripts)
>>
>> -aj
>>
>> Brian Sullivan wrote:
>>> I am looking at a situation (an online self registry process) where I
>>> want to allow a user that is not logged in to be able to create a user
>>>  and do a number of other functions normally reserved for and
>>> restricted to logged in users with a fairly elevated rights. I need to
>>> perform these functions from a Python script.
>>
>>> What is the best strategy for doing this? I am thinking that creating
>>> a separate python script that has elevated rights and allowing
>>> Anonymous access to it and calling it from a script that does not have
>>> elevated rights is the best strategy to manage it. Am I creating a
>>> huge security hole by doing this?
>>> _______________________________________________
>>> Zope maillist  -  Zope@zope.org
>>> https://mail.zope.org/mailman/listinfo/zope
>>> **   No cross posts or HTML encoding!  **
>>> (Related lists -
>>>  https://mail.zope.org/mailman/listinfo/zope-announce
>>>  https://mail.zope.org/mailman/listinfo/zope-dev )
>>
>>
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> https://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  https://mail.zope.org/mailman/listinfo/zope-announce
>  https://mail.zope.org/mailman/listinfo/zope-dev )
>
>
_______________________________________________
Zope maillist - Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
https://mail.zope.org/mailman/listinfo/zope-announce
https://mail.zope.org/mailman/listinfo/zope-dev )

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Brian Sullivan wrote:
> Yeah -- I rediscovered Proxy roles and that seems like the most
> straightforward strategy -- not sure if there counter indicators
> though that would make that strategy problematic.

Weird question - nobody knows about the code that you intend to write.
If you are granting elevated rights to anonymous users one must be
very careful...

- -aj
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQGUBAEBAgAGBQJNDbboAAoJEADcfz7u4AZjCqELwMi4OtDJIWCmuSslPwVFfnTL
wYjrs7T+JSinAqQYGggsdFL+UzbP2Ai9JBoae3S0RUDhfh1mIKFCgUYNdgcc0QhG
GDQp5GUmDAQorTOnbLPiH5YWuGT8FN32rzy6co/8rZ5XQITQtYbtMyMxdiw5Mg8v
nPsS2TwgPVrWoA6F479cBVyzBaBbgnsQ0Wb/WdY44Y8xMGjqXRltgGw5WFuvHUl4
oGBnraHmzKISKAGLumwIz+94ackYjqtGmJLVe7UF+I5LniAm6LrRDw04lnOgAh2g
LDto2xdkynfhhZ5hOHVPJBa1nQoUSw2ipFZ+sVx9xlifKfycikp4dZukYhU/xeMr
tYdYhZbOg1WicyRb55PYe2ZKZylLwc+1mXdC2FMnPVbUdUV8CCFeP28AFG8Hfk75
YAeDmgwnThQhRvmL1Yvpeq0s18aofd04+Iah1yOSb0GZbBYUw99m+3QBXDYK0Z0G
s453ciFfFzGTswHFU36VMa+JFfitNP0=
=zRub
-----END PGP SIGNATURE-----