From feb0c94e79350817689fcc5522bb493c64b33f4f Mon Sep 17 00:00:00 2001
From: fpeters <>
Date: Mon, 20 Sep 2004 08:17:58 +0000
Subject: [PATCH] security hazard; access to self on searchCriteria

---
 shared/server/ObjectsServer.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/shared/server/ObjectsServer.py b/shared/server/ObjectsServer.py
index 8d6fca1e..ff0fcb7e 100644
--- a/shared/server/ObjectsServer.py
+++ b/shared/server/ObjectsServer.py
@@ -2311,7 +2311,8 @@ class ObjectsServer(AdministrableServerMixin, Server):
                 continue
             try:
                 if eval(criteria, {'object': objectCore,
-                                   'result': result}, {}):
+                                   'result': result,
+                                   'self': self}, {}):
                     result.append(objectId)
             except Exception, e:
                 pass