[Zope] Re: major problems placing authentication on an extranet site-security flaw?

Chris Withers chris at simplistix.co.uk
Fri Feb 10 08:35:38 EST 2006 

michael nt milne wrote:
> Well I said it was over and out but I have to respond to this latest post.

You liar!

> Basically though, Zope permissions and security could be made a lot more
> usable. 

Cool, we look forward to your documented proposal to dev.zope.org 
including implemented code on a branch with unit tests that satisfies 
all of Zope's potential users while maintaining complete security in all 
scenarios and providing a ui so perfect that even muppets could use it 
and not shoot themselves in the foot.

> It's far too technically focused and this is the opinion of a few
> others as well. 

A few other halfwits maybe...

> The whole ZMI interface could be put through a usability
> re-design to be honest

Ah great, does that mean you're offering to finance this?

> and that's not even to comtemplate the security
> areas.

I'm not sure you're qualified or capable of contemplating such areas ;-)

> I have a few clients, 

I pitty them, I really do...

> who I have built sites for using Plone and on showing
> them the ZMI they have re-coiled in absolute horror.

Sure it wasn't just your cack-handed coding? ;-)

> Now obviously Plone is
> trying to bring more and more features within its own interface, which is
> good as it's more usable.

Obiviously, it's why we all _love_ Plohn so _damn_ much *grinz*

> However many things still remain. 

Sadly, including you...

> Most of my
> clients are able to use the Plone editing tools and interfaces but can't at
> all get their heads round the ZMI. 

They shouldn't be going to the ZMI if you've done your job properly with 
the Plohn interface...

> I would guess that changing interfaces
> doesn't help but there you go.

Guessing? Yay, just what you need from someone you're paying to develop 
something...

> Glad you feel entertained Norbert. I have been as well and at the same time
> have made quite a bit of progress. Cheers.

Please god, leaves us alone...

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk

More information about the Zope mailing list