[Zope-dev] RFClarification: Security on Product Attributes

[Chris Withers]

Hi,

If I have the following lines in a Python Product:

    def __init__(self, id): 
        """initialise a new instance of product"""
        self.id = id
	self.title = 'Title!'
        self.anInt = 0
	self.aString = 'testing'

Are these attributes protected by the security machinery?
If so, how so? 

Can I read them? I think the answer is yes for anInt and no for aString.
Don't know the mechanics of title and id, I'm guessing they're going to
be special cases whatever...

Are they protectable by permissions? I do hope so although my experience
is that, at best, it's not necessary, which is contrary towhat I thought
the new security policy was.

Should they have to be protected by permissions? Probably...

Looking for comments-ly,

Chris