[Zope-dev] RFC: ZTK custom publications, zope.app.publication, and zope.traversing

Jim Fulton jim at zope.com
Mon Jun 22 05:36:13 EDT 2009


On Jun 21, 2009, at 9:40 PM, Stephan Richter wrote:

> On Sunday 21 June 2009, Jim Fulton wrote:
>> Thoughts?
>
> +1. Sounds really good!
>
> BTW, I would love to hear about a practical example for overriding  
> proxy()
> other than turning off security altogether.


2 examples:

- Use a Python-based proxy that's good enough for supporting access  
control in trusted code. (It wouldn't protect against devious  
untrusted code, but most applications don't really need to run  
untrusted code.)

- Use a better system for managing checkers.

Probably the most important feature is disabling proxy-based  
protection for applications that don't need an access control model or  
that use a non-proxy-based approach.

Jim

--
Jim Fulton
Zope Corporation




More information about the Zope-Dev mailing list