[Zope] Disabling anonymous webdav access
Brian Lloyd
brian@digicool.com
Mon, 21 May 2001 10:28:54 -0400
> Ok, so what do you propose Brian? You have a point by stating
> that you want
> the Zope-permissionsystem to be action-based in stead of protocol based.
> But then: listing a site's content via the DAV-protocol does not work the
> same as via normal http-based protocol: when index_html is present, the
> site's content (and sub-directory-structure) is effectively masked via
> normal http-access (I think).
>
> So when a certain permission (like Acces Contents Information)
> effectively
> behaves different under different access-protocols, this action-based
> permission policy seems to me to be inadequate...
I agree that it is inadequate; what I am proposing is not an
ultimate solution for that, it is a short term fix to solve
some people's immediate problem (exposing site structure via
DAV PROPFIND).
Brian Lloyd brian@digicool.com
Software Engineer 540.371.6909
Digital Creations http://www.digicool.com