[Zope3-checkins] CVS: Zope3/doc/security - SecurityTarget.txt:1.14

Jim Fulton jim at zope.com
Fri May 7 04:57:49 EDT 2004


Update of /cvs-repository/Zope3/doc/security
In directory cvs.zope.org:/tmp/cvs-serv6447

Modified Files:
	SecurityTarget.txt 
Log Message:
Check in partial work.


=== Zope3/doc/security/SecurityTarget.txt 1.13 => 1.14 ===
--- Zope3/doc/security/SecurityTarget.txt:1.13	Thu May  6 13:14:06 2004
+++ Zope3/doc/security/SecurityTarget.txt	Fri May  7 04:57:47 2004
@@ -1152,6 +1152,43 @@
 Protection subsystem
 ^^^^^^^^^^^^^^^^^^^^
 
+The protection subsystem is responsible for controlling the access of
+interactions (subjects) to objects.  It does this through the use of
+security proxies.  Any non-basic objects that an interaction accesses
+is wrapped in a security proxy.  All operations on these non-basic
+object are performed through the security proxies.  
+
+Basic objects are immutable objects that contain only immutable
+subobjects. Examples if basic objects include:
+
+- Strings,
+
+- Integers (long and normal),
+
+- Floating-point objects,
+
+- Date-time objects, 
+
+- Boolean objects (True and False), and 
+
+- The special (nil) object, None.
+
+Subjects only have access to basic objects and proxied objects.
+
+For the purposes of the protection system, all operations can be
+reduced to one of two kinds of operations:
+
+- Read the value of a named attribute
+
+- Write the value of a named attribute
+
+Higher-level operations are reduced to these low-level operations. For
+example, to look up a key in a mapping object, we first execute read
+operation on the '__getitem__' attribute.  The value of the
+'__getitem__' attribute is the Python method for looking up a key.
+To actually call the method, we need to access it's '__call__
+
+
 
 
 




More information about the Zope3-Checkins mailing list