[Zope-PTK] Re: cms 1 alpha
Tres Seaver
tseaver@digicool.com
Mon, 26 Feb 2001 13:50:21 -0500 (EST)
On Mon, 26 Feb 2001, Ross Lazarus wrote:
> Just started playing - looking good.
Thanks
> I strongly recommend that the installation advice explain that one
> postinstall step is to tweak the security settings on the enclosing
> folder to ensure that anonymous (or whatever role is the one which is
> associated with access to the portal) has at least the following
> permissions:
>
> access contents information
> query vocabulary
> search zcatalog
> use mailhost services
> view
>
> as various obvious things break otherwise!
We have a PTK tracker issue for the mailhost already; I think the
portal setup should make those choices, *except* for the 'Access
contents information' one; that permission is *not* supposed to
be available to anybody except the manager and the owners of
particular folders. What breaks for you if ACI is not given to
anonymous?
BTW, I think the reason you catch these bugs is that you disable
those permissions on the Zope root object, which we tend not to
do on development sites; is that so?
> More later as I work my way through.
I am CC'ing the PTK list, to make sure I don't drop the ball
here.
Tres.
--
===============================================================
Tres Seaver tseaver@digicool.com
Digital Creations "Zope Dealers" http://www.zope.org