[Zope3-dev] Re: Python version for Zope 3.4 ?
Philipp von Weitershausen
philipp at weitershausen.de
Thu Sep 28 19:41:28 EDT 2006
Dieter Maurer wrote:
> Philipp von Weitershausen wrote at 2006-9-28 11:22 +0200:
>> ...
>>> The last time this was discussed with Jim, the idea was to try to use
>>> Zope 3's security proxy approach in Zope 2 for Python Script security
>>> - Jim and I had some ideas I need to dredge up from the back of my
>>> mind.
>
> I am quite fearful in this regard:
>
> Lots of existing code rely on the fact that trusted code
> can do anything without to worry about security.
>
> As security proxies restrict trusted code, too (though trusted
> code can remove the wrapper), we might get more security
> at the cost of massive backward incompatibility.
I agree. This isn't an easy task, pretty much like all tasks in this
overall migration :/
Knowing both systems (Zope 2's guarded_getattr vs. Zope3's security
proxies and checkers), all I can say is that Zope 3 security proxies
cause much less headaches, because they make security an intrinsic
property of the individual objects, and not of the system that deals
with the objects.
Like Jim is suggesting, we should probably support both approaches for
the time being.
More information about the Zope3-dev
mailing list