[Zope] Re: security.declarePrivate allows access to all
authenticatedusers
Itai Tavor
itai@optusnet.com.au
Thu, 30 Aug 2001 09:46:49 +1000
Chris Withers wrote:
>Itai Tavor wrote:
>>
>> >Foolish old trusting me thought that 'test' would not be accessible
>> >from restricted code. And it really isn't accessible to anonymous
>> >users, but is freely accessible to all authenticated users.
>
>Sounds like a pretty nasty bug, stick it in the collector...
>
>cheers,
>
>Chris
I wouldn't want to do that just yet... it seems impossible that
nobody else hit this, if it really is a bug. So unless anyone else
manages to reproduce it, it's more likely to be some pathological
combination of products, versions and classes that my typical bad
luck caused me to encounter. I'll wait to see what other comments I
get, and I'll try to isolate the problem in a limited test case.
Itai
--
--
Itai Tavor -- "Je sautille, donc je suis." --
itai@optusnet.com.au -- - Kermit the Frog --
-- --
-- "If you haven't got your health, you haven't got anything" --