[Zope] Re: ZEO Client space

[Chris Withers]

> what (for example, in the case of an enterprise KM portal) prevents a
clever
> user (let's say, a Python programmer in the company's IT dept) from being
> able to bypass the client security mechanism and get access to HR or
payroll
> data that he/she is not supposed to see?

This is exactly the problem my ZODB-dev idea seeks to solve...

> I guess, if you are just looking for applications that access data and
call
> methods written in Zope, XML-RPC would still be ideal, and have the
security
> features that would be needed.
>

<snip XML brokering stuff>
Woh! That sounded cool but went light years above my head :-S

> for an unintelligent application; it just means the application is a
little
> bit more autonomous from Zope (which could either be good or bad)...

Hmmm, thanks, that was a really interesting insight :-)

cheers,

Chris