10 May
2000
10 May
'00
7:12 p.m.
Zope 2.2 has a new security API. Amid all the trojan news, I wanted to remind developers of Zope products that this new API should be used in many cases where users traditionally queried AUTHENTICATED_USER for something. If, in your code, you get information from the AUTHENTICATED_USER object then you should take a good look at the new API. Unless developers switch to this API, their products are potentially less secure than code that does use this API. All the details are in the Wiki... http://www.zope.org/Members/michel/Projects/Interfaces/SecurityPolicies -- -Michel Pelletier http://www.zope.org/Members/michel/MyWiki Visit WikiCentral for the latest Zen: http://www.zope.org/Members/WikiCentral