20 Nov 2007, 10:48 a.m.
Hi there,

On Nov 20, 2007 11:24 AM, Chris Withers <chris@simplistix.co.uk> wrote:
[snip]
Traditional Zope 2 doesn't work that way: as soon as you make a call from your Python script, the underlying code that is being called is trusted. No proxies anywhere (well, except the ubiquitous acquisition proxies..).
Indeed, sometimes this is handy, sometimes it causes problems...
There will be a problem if proxies get into subsystems without any security declarations. Most security policies should forbid access in that case. You might be surprised how many things you'll need to add security declarations for. In my experience this seriously kills development speed early on in the project.

Regards,
Martijn