[Zope-dev] AccessControl bug fixed
Hanno Schlichting
hanno at hannosch.eu
Thu Aug 23 15:30:41 UTC 2012
On Thu, Aug 23, 2012 at 5:23 PM, <lists at nidelven-it.no> wrote:
> does this have any security implications?
In short: No.
Long answer: Not unless you have very custom code similar to what's in
the provided test (providing a custom rolesForPermissionOn callable on
a class). And that code would have never worked as intended or at
least it would have already been broken in Zope 2.12.
Hanno
More information about the Zope-Dev
mailing list