[Zope] External Methods, Proxy Roles, and Executable Security
Jens Vagelpohl
jens at dataflake.org
Sun Nov 20 13:01:20 EST 2005
On 20 Nov 2005, at 18:47, George Lee wrote:
> Great, thanks much.
>
> Is there much buzz about this in CMF developer land? It seems like
> proper proxy roles handling, and like you said what Zope 3 security
> will do to it, are pretty important and will come up quite often (all
> I was doing, after all, was trying to move an object upon workflow
> change!).
IMHO proxy roles should be used extremely sparingly, if at all. They
are a last resort and I personally never use them. Matter of fact I
believe having to use them means the application design could use
some improvement...
If something needs to be done with elevated privileges it should be
in filesystem product code or, if that is not feasible, in an
external method. At least that's my philosophy ;)
jens
More information about the Zope
mailing list