[Zope-CMF] Re: last call before feature freeze! + !CMFTopic!

Tonico Strasser contact_tonico at yahoo.de
Thu Aug 5 11:17:52 EDT 2004


Tres Seaver wrote:
> 
> and one on the implications:
> 
>   - Exposing the ability to write code (even in the limited form of
>     'python:' or path expressions) at the "CMS" level might present
>     interesting security challenges.  I would guess that we should
>     think hard about how to restrict access to the ability to create
>     EC's.
> 
> Comments, anyone (especially on the last)?

Only Managers can add Topics by default, I'm not shure where the "CMS" 
level begins.

Tonico



More information about the Zope-CMF mailing list