[Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.
Jim Fulton
jim at zope.com
Wed Apr 6 08:33:39 EDT 2005
I very much want Zope 2.9 to use Zope 3's security architecture.
Zope 3's security architecture is far more robust, but it is different
in some significant ways:
- It protects names not values. This means that you protect
how you access things, not the things themselves.
- It doesn't provide key-bases access control for mapping
objects. If you can get any key, you can get all keys.
This is less powerful that Zope 2's security system, but
this is power we haven't needed for Zope 3 and I suggest
we don't really need it for Zope 2.
- Non-basic values passed from trusted code to untrusted code
are security proxied and thus protected. This means that the
security framework has a much greater reach than in Zope 2,
Even trusted code is subject to the security system in many
cases. This can be a good thing or a bad thing, depending
on your point of view. :)
- The Zope 3 security system is much more pluggable. This means
that it is much easier to provide alternate security policies
to meet special needs to or exclude unneeded features.
For more information on the security system, see:
http://svn.zope.org/Zope3/trunk/src/zope/security/untrustedinterpreter.txt?view=markup
http://svn.zope.org/Zope3/trunk/src/zope/security/README.txt?view=markup
http://svn.zope.org/Zope3/trunk/src/zope/app/securitypolicy/zopepolicy.txt?view=markup
http://www.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/ProgrammerTutorial/programmers_tutorial.pdf
I see 2 main challenges:
- supporting implicit acquisition
- Backward incompatibilities:
o No support for key-based access control
o Trusted code will be subject to security restrictions
in cases in which it isn't now.
I think there will be a number of significant benefits, including:
- Greater security
- Less complexity
- Less risk with new Python versions
- Narrower gap between Zope 2 and Zope 3.
This will be a fairly large job. I won't have time to work on it before this
Fall. I could certianly use some help. :)
Are there any objections? Suggestions? Questions?
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope-Dev
mailing list