[Zope-CMF] Should we invert security?
Shane Hathaway
shane@digicool.com
Thu, 7 Jun 2001 13:51:57 -0400
On Thursday 07 June 2001 12:49, seb bacon wrote:
> Sounds good to me, and should fit most applications. However, I
> wonder what someone who wants the current behaviour should do. Put
> security checks in their dtml I guess. Isn't there a more elegant
> solution? I can't think of one but I'm not very elegant :)
No, that won't be necessary. There will have to be a one-time
conversion script that explicitly sets permission mappings where they
are currently implicit.
Shane
> * Shane Hathaway <shane@digicool.com> [010607 16:00]:
> > Right now the security strategy used by CMFDefault is "deny by
> > default". Each member folder is set up to deny access to anonymous
> > users and other members. Objects within a member folder allow
> > access depending on their workflow state.
> >
> > But the problem with this strategy, which seems right at first, is
> > subtle: you might be able to access content without being able to
> > access the container of the content. So DTML that tries to use
> > PARENTS[0], which really ought to be available, raises a security
> > exception. This is a problem right now on cmf.zope.org.
> >
> > I think we should switch to "allow by default". Member folders
> > won't have any special security settings, but when you create
> > content, it might be restricted by default so that other users
> > can't see it until it's ready to be published.
> >
> > Do you agree? It would sure simplify things IMHO.
> >
> > Shane