Chris McDonough wrote:
See (sneak peek) http://www.zope.org/Members/mcdonc/PDG/6-1-Security.stx, section named "The Superuser".
No offence meant, but it doesn't do a very good job of explaining _why_ the superuser can't own anything.
Well, I think the real problem is that the account that you use to "bootstrap" Zope is named "superuser". If it was named something else like "bootstrapuser" or "fixupuser" or something, I doubt you'd wonder why it couldn't own anything.
Well, okay, let me rephrase the question: Why is it bad for the bootstrap user to own anything? It used to be considered okay before Zope 2.2, so what has been changed/discovered that makes this now such a bad idea that despite loads of newbie pain and confusion, it's still worthwhile/necessary?
Come to think of it, is there a concise description anywhere of what the new rules are WRT ownership, the logged in user and how 'code' of all the various types is executed?
What isn't covered in that document that you'd like to know?
Urm, again, no offence ('cos I think the book is aimed at a different audience) but the keyword for me was 'concise'. I did have a look at the document above, but didn't read it 'cos it looked about 10 pages long :-( I'm looking for something closer to 10 _lines_ long, but that may not be possible ;-)

cheers,

Chris