[Zope3-dev] Nasty bugs

R. David Murray bitz@bitdance.com
Wed, 20 Mar 2002 10:54:43 -0500 (EST)


On Wed, 20 Mar 2002, Shane Hathaway wrote:
> Here's a thought.  We need primitives that are mutable to sometimes be
> wrapped, for example to prevent a list, returned from a function unaware
> of security, from being mutated by untrusted code.  But "None", numbers,
> and strings probably shouldn't ever be wrapped.  As for tuples, it's
> hard to say.

But doesn't security also apply to *viewing* data?  As Steve pointed
out, we can have (and do have) some highly structured "primitive"
data being passed around, and I can easily see wanting to apply
"read" security to such data.  On the other hand, I may be missing
something obvious because I don't fully understand the security
model yet.

--RDM
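
Added example, not part of either message and not Zope's own code: the wrapping policy discussed above, written in Python, with a read check added to the list wrapper. The names Forbidden, ListProxy, wrap and can_read are hypothetical, and handling a tuple by wrapping its items is an assumed choice.

```python
# Added illustration. Forbidden, ListProxy, wrap and can_read are hypothetical
# names, not Zope's API. Pure Python cannot truly hide _target; policy only.
IMMUTABLE = (type(None), bool, int, float, complex, str, bytes)

class Forbidden(Exception):
    """Raised when the proxy refuses an operation."""

class ListProxy:
    """View over a list: reads are permission-checked, mutation is refused."""
    __slots__ = ("_target", "_can_read")

    def __init__(self, target, can_read):
        self._target = target
        self._can_read = can_read

    def _check_read(self):
        if not self._can_read:
            raise Forbidden("read denied")

    def __len__(self):
        self._check_read()
        return len(self._target)

    def __getitem__(self, index):
        self._check_read()
        # Wrap what comes out, so nested lists stay protected too.
        return wrap(self._target[index], self._can_read)

    def __iter__(self):
        self._check_read()
        return (wrap(item, self._can_read) for item in self._target)

    def _deny(self, *args):
        raise Forbidden("mutation denied")
    __setitem__ = __delitem__ = _deny

    def __getattr__(self, name):
        # append, sort, pop and the rest are never exposed.
        raise Forbidden("attribute %r denied" % name)

def wrap(value, can_read=True):
    """Return value unchanged if immutable, else a protecting wrapper."""
    if isinstance(value, IMMUTABLE):
        return value
    if isinstance(value, tuple):  # assumed choice: wrap the items
        return tuple(wrap(item, can_read) for item in value)
    if isinstance(value, list):
        return ListProxy(value, can_read)
    raise Forbidden("no wrapper for %s" % type(value).__name__)
```

With this policy, `wrap("secret", can_read=False)` still returns the plain string, because unwrapped values carry no read check at all.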