[Zope-dev] Ids starting with _

R. David Murray bitz@bitdance.com
Mon, 31 Jul 2000 20:05:18 -0400 (EDT)


On Mon, 31 Jul 2000, Chris Withers wrote:
> Toby Dickenson wrote:
> > Almost all zope-manageable classes (and certainly Folders, that Dieter
> > mentioned) use the old rule. This happens because they derive from
> > SimpleItem.Item, which has __allow_access_to_unprotected_subobjects__=1
> 
> 1) Why does SimpleItem still have this?! Since so much, IIRC, is derived
> from SimpleItem.Item, surely this goes very much against the grain of
> 'everything should be protected unless I say otherwise'?

If you read the docs about the 2.2 security changes, you'll find the
explication.  Summary:  this is a transitional step.

> 2) Why does having __allow_access_to_unprotected_subobjects__=1 mean
> that the 'start with _ = hidden/no DTML, no web Access' ruel applies?

I don't think that's what he meant.  I think he meant that keeping
that _ behavior was necessary because most objects still use the
older 'wide open' security model.  But I could be wrong.

--RDM