On Mon, 4 Sep 2000, Chris Withers wrote:
Well, I think the real problem is that the account that you use to "bootstrap" Zope is named "superuser". If it was named something else like "bootstrapuser" or "fixupuser" or something, I doubt you'd wonder why it couldn't own anything.
Well, okay, let me rephrase the question: Why is it bad for the bootstrap user to own anything? It used to be considered okay before Zope 2.2, so was has been changed/discovered that makes this now such a bad idea that despite loads of newbie pain and confusion, it's still worth while/necessary?
I've got to say I agree with you here. I'm still not 100% sure why the superuser or bootstrap user can't own anything. The argument for protecting the user against himself by making this so is something I had a rough time rationalizing in that document. I suppose there's the argument for having a meaningful audit trail when things go wrong (instead of superuser hosing your site, it'd be "chrism"). But this is also a rationalization. I guess the ultimate answer is "shrug." I'm certainly not even going to think of trying to tear apart the code that makes it that way (nevermind the flamefest it would cause). Rather, to ameliorate the situation, Zope should prompt the installer to define a separate management user at setup.
Come to thing of it, is there a concise description anywhere of what the new rules are WRT to ownership, the logged in user and how 'code' of all the various types is executed?
What isn't covered in that document that you'd like to know?
Urm, again, no offence ('cos I think the book is aimed at a different audience) but the keyword for me was 'concise'. I did have a look at the document above, but didn't read it 'cos it looked about 10 pages long :-(
I'm looking for something closer to 10 _lines_ long, but that may not be possible ;-)
No. But the document is divided into sections, and one of those sections regards ownership. Chris McDonough Digital Creations, Publishers of Zope http://www.zope.org