[Zope] Security problem
Tino Wildenhain
tino@wildenhain.de
Thu, 17 May 2001 16:18:57 +0200
Hi Andres,
on my point of view it works exactly as it should be.
"Aquire permission settings" means use whatever is
set in the containing object (folder, folders folder and so on)
is used combined with the local settings, e.g. manager
can view etc.
If you dont want Annonymous user to view a page you have to
take the right either at the root-folder (so it cannot be
acquired) or you must prevent acquise with unchecking.
Regards
Tino Wildenhain
--On Donnerstag, 17. Mai 2001 11:15 +0300 Punn <andres.punning@ksk.edu.ee>
wrote:
> Hello,
>
> I am newbie.
>
> My Zope security works in a strange way:
> The security tab says as follows:
> When the Acquire permission settings checkbox is selected
> then the containing objects's permission settings are used.
>
> It took me some time to understand, that
> the settings are USED, when the Acquire permission settings checkbox is
> UNchecked.
> All checked settings are ignored.
>
> For example, if I want to prevent Anonymous user seeing something,
> I must uncheck in the View row "Acquire permission setting" and
> "Anonymous user" columns.
>
> What is wrong?
>
> Zope Version: Zope 2.3.1 (binary release, python 1.5.2, linux2-x86)
> Python Version: 1.5.2 (#10, Dec 6 1999, 12:16:27) [GCC 2.7.2.3]
> System Platform: linux2
>
>
> Andres Punning
>
>
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )