[ZDP] BackTalk to Document Zope Developer's Guide (2.4 edition)/Security

[webmaster@zope.org]

A comment to the paragraph below was recently added via http://www.zope.org/Documentation/Books/ZDG/current/Security.stx#3-12

---------------

      As we delve further into Zope security within this chapter,
      we'll see exactly what it means to associate security
      information with an object.

        % zigg - Feb. 12, 2002 11:40 am - What about object__roles__?

        % mcdonc - Mar. 2, 2002 4:45 pm - That's how roles are implemented at the bottom of the Zope security implementation, but "low level" stuff like this is unfortunately not covered in this guide.  Indeed, it's probably not comprehensively covered anywhere.

        % Anonymous User - Apr. 17, 2002 5:54 am:
         I think you should add here that access to methods without a docstring
         is denied, too

        % Anonymous User - Apr. 17, 2002 7:39 am:
         If the user has the role 'Manager' he is allowed to access

        % Anonymous User - Feb. 24, 2003 6:55 pm:
         No, 'Manager' is not any kind of superuser.
         Managers can remove permissions for Managers and then they will be denied!
         Only the "emergency" users can override this.