Hotfix_20050405 Product Readme

Hotfix removing a potential vulnerability involving classes derived in restricted code.

Overview

A review of differences between the restricted-code implementations in the Zope 2.7 branch and the Zope 2.8 branch revealed a potential exploit involving classes defined in untrusted code (i.e., PythonScripts). Malicious users who are allowed to write through-the-web PythonScripts may be able to gain access to protected methods of those classes exposed for import by untrusted code.

If exploited, this vulnerability could allow users to bypass restrictions which would normally prevent them from viewing and or modifying protected data within the Zope application server.

By default, a stock Zope instance exposes no classes with protected methods for such imports, and thus is not vulnerable to the exploit. Third-party products or local development may have exposed other classes for import by untrusted code: a site with such add-ons installed may therefore be vulnerable to this exploit.
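To find out whether an instance has add-ons of that kind, the following audit script (an added example, not part of this hotfix or of Zope) scans a Products directory for the AccessControl calls that make modules or classes importable from restricted code. The call names allow_module, allow_class and ModuleSecurityInfo come from Zope's AccessControl package and are assumed here; the sample product source is constructed for the demonstration.

```python
import re
from pathlib import Path

# AccessControl calls that expose a module or class to restricted code
# (PythonScripts). The names are Zope's, the text search is a heuristic:
# every hit is a candidate for review, not proof of a vulnerability.
EXPOSURE_PATTERNS = {
    "allow_module": re.compile(r"\ballow_module\s*\(\s*['\"]([^'\"]+)['\"]"),
    "allow_class": re.compile(r"\ballow_class\s*\(\s*([A-Za-z_][\w.]*)"),
    "ModuleSecurityInfo": re.compile(r"\bModuleSecurityInfo\s*\(\s*['\"]([^'\"]+)['\"]"),
}


def scan_source(text, filename="<string>"):
    """Return (filename, lineno, kind, target) for each exposure call in text."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):  # ignore commented-out calls
            continue
        for kind, pattern in EXPOSURE_PATTERNS.items():
            match = pattern.search(line)
            if match:
                hits.append((filename, lineno, kind, match.group(1)))
    return hits


def scan_products(products_dir):
    """Walk an instance's Products directory and collect all exposure calls."""
    hits = []
    for path in sorted(Path(products_dir).rglob("*.py")):
        hits.extend(scan_source(path.read_text(errors="replace"), str(path)))
    return hits


# Constructed sample: the __init__.py of a hypothetical third-party product.
SAMPLE_INIT = """\
from AccessControl import ModuleSecurityInfo, allow_module, allow_class
from Products.Example.widget import Widget

# allow_module('os')  # commented out, must not be reported
allow_module('Products.Example.helpers')
allow_class(Widget)
security = ModuleSecurityInfo('Products.Example.widget')
security.declarePublic('make_widget')
"""

if __name__ == "__main__":
    for hit in scan_source(SAMPLE_INIT, "Products/Example/__init__.py"):
        print("%s:%d %s -> %s" % hit)
```

Run scan_products('/var/zope/instance/Products') against a real instance; any product that reports hits exposes classes or modules to untrusted code and should be reviewed before relying on the stock-instance statement above.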

This hotfix product removes the possible exploit, which affects Zope 2.7.5 and earlier, as well as Zope 2.8a2 and earlier on the current development trunk. We recommend installing this hotfix or upgrading to one of the unaffected versions as soon as feasible.

The issue addressed by this hotfix will be closed in Zope versions 2.7.6 and 2.8b1.

Installing the Hotfix

This hotfix is installed as a standard Zope2 product. The following examples assume that your Zope instance is located at '/var/zope/instance': please adjust according to your actual instance path. Also note that hotfix products are not intended for installation into the "software home" of your Zope.

  1. Unpack the tarball / zipfile for the Hotfix into a temporary location:

            $ cd /tmp
            $ tar xzf ~/Hotfix_20050405.tar.gz

  2. Copy or move the product directory from the unpacked directory to the Products directory of your Zope instance:

            $ cp -a /tmp/Hotfix_20050405/ /var/zope/instance/Products/

  3. Restart Zope:

            $ /var/zope/instance/bin/zopectl restart

Uninstalling the Hotfix

After upgrading Zope to one of the fixed versions, you should remove this hotfix product from your Zope instance.

  1. Remove the product directory from your instance 'Products':

            $ rm -rf /var/zope/instance/Products/Hotfix_20050405/

  2. Restart Zope:

            $ /var/zope/instance/bin/zopectl restart