[Zope-dev] Zope security alert and 2.2 information

[Morten W. Petersen]

> 
> Hmm, how do this 'nobody' user and the Anonymous user interact?
> Are they the same? Should they be? what are the differences?
> 

I think he means Anonymous..

> If, of course, you're using Cookie authentication... which isn't really
> the problem.
> The problem is HTTP Basic Authentication caching the user's details
> until it gets told they've failed authentication for that realm...
> 

My bad, mixed up two different publishers.

-Morten