[Zope3-dev] Re: Security Model
Jim Fulton
jim at zope.com
Tue Dec 16 12:00:08 EST 2003
Phillip J. Eby wrote:
> At 10:28 PM 12/15/03 -0500, Jim Fulton wrote:
>
>> I'll just note that an upcoming project will be to refactor the
>> authorization system in a way that should make it much more obvious
>> how to implement the sorts of systems sketched out in this thread.
>>
>> This is a possible project for the F12g sprint in January.
>>
>> As a matter of jargon, I see Zope 3's security system as consisting
>> of 4 parts.
>>
>> 1. A system for declaring the permissions needed to access
>> names in objects or classes of objects. I don't have a good name
>> for this. (Security requirements? Permission requirements?)
>
>
> How about "required permissions", or maybe "permission declarations"?
I like "permission declarations". I often use that term.
>
>> 2. A system for enforcing permission requirements. This is implemented
>> via security proxies. In the future, it may involve a combination of
>> security proxies and code manipulation. I think a good name for
>> this might be the protection system.
>
>
> It seems a little vague; how about "enforcement system"?
That works too.
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope3-dev
mailing list