Skip to main content

Workarounds related to Zope's security subsystem.

Project description

This package allows to work around weaknesses in the web application server Zope’s security subsystem. Currently, it contains a single module proxy.

proxy

In principle, Zope makes a clear distinction between trusted code (which comes from the file system and cannot be modified through-the-web) and untrusted code (which might be tangled with through-the-web). Trusted code is unrestricted by Zope’s security subsystem, untrusted code has permission checks on each object and method access.

Unfortunately, occasionnally, trusted code performs its own security checks – and can raise Unauthorized exceptions even when called from other trusted code. The proxy module is destined to work around this behaviour. It uses Zope’s so called proxy roles to set up roles which should be used for internal security checks.

The module defines the context manager proxy_roles(*roles), typically used as follows:

>>> with proxy_roles(role1, role2, ...):
>>>   ... perform any operation[s] with internal security checks ...

This sets up proxy roles role1, role2, … to be used for the internal security checks.

Usually, the roles are 'Manager', 'Authenticated' but can be anything. Note that proxy roles override any currently active user roles.

History

2.0

Make Python 3/Zope 4 compatible; drop support for Python 2.6 (and below)

New “context manager” interface.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

dm.zopepatches.security-2.0.tar.gz (3.2 kB view details)

Uploaded Source

File details

Details for the file dm.zopepatches.security-2.0.tar.gz.

File metadata

File hashes

Hashes for dm.zopepatches.security-2.0.tar.gz
Algorithm Hash digest
SHA256 7d4b47c2d2f416863ee4944dcb7881f17bd086dd32ee51fde7d5edd7635babaf
MD5 ba365c9b1e641e6709c4aca6505006bd
BLAKE2b-256 3d737d43352365578afd85ee261d22eeaf4db4cbcc0ee751df7678fda0363fcd

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page