22 Jul
1999
22 Jul
'99
2:10 p.m.
-----Original Message----- From: Toby Dickenson [mailto:tdickenson@oriongroup.co.uk] Sent: Thursday, July 22, 1999 8:57 AM To: zope@zope.org Subject: [Zope] Security quirk
When viewed by an anonymous user, A gives the Unauthorized exception that I was expecting, but B succeeds. This is the same in 1.10.3 and in alpha 3.
I couldn't find anything specific in the documentation.... should authorisation be checked in these cases?
This was a bug, thanks for the report. This is fixed in CVS and will be in the beta. -Michel