[Zope-dev] Security-Bug
Andre Schubert
andre.schubert@km3.de
Mon, 13 May 2002 07:56:49 +0200
On Wed, 8 May 2002 23:04:08 +0200
"Dieter Maurer" <dieter@handshake.de> wrote:
> Andre Schubert writes:
> > could this be a bug in the security-machinery?
> >
> > Lets say we have a role foo, this role has the permission to view the management screens.
> > Lets say we have a user bar which has the role foo.
> >
> > If i login into the ZMI a be able to go to
> > Control_Panel/Products.
> > And now if i want i be able to add a Zope Permission in every Product-Folder i found.
> >
> > Testet with Zope 2.4.3
> >
> > Do i have misset any security-permissions or is this really a bug?
> I do not understand what your problem is...
>
> What does not work?
>
>
> Dieter
>
If i have the permission to view the management screens i be able to add Zope Permissions... is this a security bug or not ?