[Zope] Security quirk
Michel Pelletier
michel@digicool.com
Thu, 22 Jul 1999 10:10:18 -0400
> -----Original Message-----
> From: Toby Dickenson [mailto:tdickenson@oriongroup.co.uk]
> Sent: Thursday, July 22, 1999 8:57 AM
> To: zope@zope.org
> Subject: [Zope] Security quirk
>
>
> When viewed by an anonymous user, A gives the Unauthorized exception
> that I was expecting, but B succeeds. This is the same in 1.10.3 and
> in alpha 3.
>
> I couldn't find anything specific in the documentation.... should
> authorisation be checked in these cases?
>
This was a bug, thanks for the report. This is fixed in CVS and will be
in the beta.
-Michel