26 Jul
2001
26 Jul
'01
8:03 a.m.
Hi everyone, Ok, I'm developing a python Product and have gotten to the stage where I am adding security declarations. I understand the default policy (once you've added a ClassSecurityInfo instance to the class and called InitializeClass(yourClass) ) should be to deny access to methods that don't have any security declarations. This doesn't seem to be the case. Even though I have *not* added security.setDefaultAccess("allow"), access to unprotected methods (both regular methods and HTMLFile methods) is being allowed rather than denied. Protecting methods with a permission works as it should. Can anyone help diagnose this? Michael Bernstein.