[Zope3-dev] why security proxy the modules for a menu item directive?

Gary Poster gary at zope.com
Wed Dec 21 09:55:36 EST 2005


On Dec 21, 2005, at 6:42 AM, Jim Fulton wrote:

> Gary Poster wrote:
>> zope/app/publisher/browser/menu.py, line 132, security proxies  
>> the  'modules' name.  This is pretty annoying, and seems  
>> unnecessary to me  for a zcml filter: trusted filesystem code.   
>> Anyone want to defend it?
>
> Not only will I not defend it, I'll go so far as to prosecute it. :)
>
> This is probably a holdover from the early Zope 3 ZPT  
> implementation that,
> like the Zope 2 implementation, didn't make a distinction between  
> trusted
> and untrusted code.

Cool.  OK, I'll rip out the ProxyFactory usage here from the trunk  
today.

> P.S. Lennart Regebro has pointed out to me that the menu-filtering  
> aproach
>      is much in need of repair or refactoring. Maybe a nice project
>      for the next release cycle.

Sounds good.

Gary


More information about the Zope3-dev mailing list