candyman666 / crunchy

Automatically exported from code.google.com/p/crunchy

user defined markup security risk for non-admin users #152

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
With user-defined markup, users can change the interactive elements on a
page.  While it is not implemented yet, it is possible to imagine having
secure interactive elements (e.g. using Silverlight) that would prevent a
user from running arbitrary code on a server.  This would be defeated by having a
user arbitrarily change the interactive element using the user-defined
markup feature.  We should change settings so that only administrators can
change the markup on a page.  The cleanest way to do this is to introduce
separate classes in configuration.py: one for regular users and one for
administrators.  Preferences allowed only for administrators could then
easily be identified in this way.

Original issue reported on code.google.com by andre.ro...@gmail.com on 9 Aug 2008 at 8:51
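One way to realise the two-class split proposed above, as an added illustration that is not Crunchy's own configuration.py (class and preference names are hypothetical): a regular-user class with a default-deny list of settable keys, and an administrator subclass that alone may change the page markup.

```python
# Added example: separate preference classes for regular users and
# administrators so that admin-only settings (here, the page markup)
# cannot be changed by a regular user. Hypothetical names throughout;
# this is not Crunchy's actual configuration.py.


class PreferenceError(Exception):
    """Raised when a preference is unknown or not permitted for this user."""


class UserPreferences:
    # Settings any user may change. set() accepts only keys listed here
    # (or in a subclass), so a newly added admin-only key is denied by default.
    _allowed = {"language", "editor_font_size"}

    def __init__(self):
        # Markup is readable by everyone but only settable by admins.
        self._values = {"language": "en", "editor_font_size": 12,
                        "markup": "default"}

    def get(self, name):
        return self._values[name]

    def can_set(self, name):
        return name in self._allowed

    def set(self, name, value):
        if name not in self._values:
            raise PreferenceError("unknown preference: %s" % name)
        if not self.can_set(name):
            raise PreferenceError("preference %r requires administrator" % name)
        self._values[name] = value


class AdminPreferences(UserPreferences):
    # Administrators additionally control the user-defined markup.
    _allowed = UserPreferences._allowed | {"markup"}


def try_change_markup(prefs, new_markup):
    """Attempt to change the markup; return True only if it was applied."""
    try:
        prefs.set("markup", new_markup)
        return True
    except PreferenceError:
        return False
```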

GoogleCodeExporter commented 8 years ago
Given the lack of sandboxing (e.g. no Silverlight plugin) for 1.0, I'm changing the milestone to beyond 1.0 as there is no real advantage to try to get this fixed before then.

Original comment by andre.ro...@gmail.com on 5 Oct 2008 at 5:38