[Zope] "Private" objects?

Kirk Strauser kirk at daycos.com
Tue Feb 3 10:40:27 EST 2004


I'm designing a website with a lot of functionality that I don't want to 
expose directly to site visitors.  Since I lack the Zope terminology for 
this, here's an example of what I mean:

I have a Python script named "doSecretStuff" in the root of the site's 
folder.  Now, I want to be able to call that script from DTML documents 
and other Python scripts, but I *don't* want end users to be able to 
visit http://www.example.com/doSecretStuff to execute it directly.

Can Zope's security model handle this?  If so, what would this be called 
(I'm happy to research it myself if I can find a name for it)?  Right 
now my site's security is by obscurity and I'm not really satisfied with 
that.
-- 
Kirk Strauser
The Day Companies



More information about the Zope mailing list