[Zope3-dev] why security proxy the modules for a menu
item directive?
Jim Fulton
jim at zope.com
Wed Dec 21 06:42:41 EST 2005
Gary Poster wrote:
> zope/app/publisher/browser/menu.py, line 132, security proxies the
> 'modules' name. This is pretty annoying, and seems unnecessary to me
> for a zcml filter: trusted filesystem code. Anyone want to defend it?
Not only will I not defend it, I'll go so far as to prosecute it. :)
This is probably a holdover from the early Zope 3 ZPT implementation that,
like the Zope 2 implementation, didn't make a distinction between trusted
and untrusted code.
Jim
P.S. Lennart Regebro has pointed out to me that the menu-filtering aproach
is much in need of repair or refactoring. Maybe a nice project
for the next release cycle.
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope3-dev
mailing list