[Zope3-dev] Permission granularity/permission groups
Chris Withers
chris at simplistix.co.uk
Tue Feb 15 04:45:22 EST 2005
Jim Fulton wrote:
>> From
>> http://www.zope.org/Documentation/How-To/ProductAuthorUpdateGuide/index_html:
>>
>> "The new Zope security policy in 2.2 by default denies access to
>> objects that are not explicitly protected."
>
> I'm 98% sure that that is incorrect. Those changes made it
> *possible* to deny by default, however, unfortunately, the
> standard base classes are still allow by default for backward-
> compatibility reasons.
Yep, that's what I said ;-)
The actual security policy is "deny by default", but SimpleItem whacks
in an "all your base are belong to us" because when 2.2 was released, no
one was brave enough to make everyone make their products secure...
(and yes, I know that last comment is unfair)
But hey, this is something I'm really excited about in Zope 3, and
looking forward to try out!
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
More information about the Zope3-dev
mailing list