[Zope3-checkins] CVS: Zope3/doc/security - SecurityTarget.txt:1.14
Jim Fulton
jim at zope.com
Fri May 7 04:57:49 EDT 2004
Update of /cvs-repository/Zope3/doc/security
In directory cvs.zope.org:/tmp/cvs-serv6447
Modified Files:
SecurityTarget.txt
Log Message:
Check in partial work.
=== Zope3/doc/security/SecurityTarget.txt 1.13 => 1.14 ===
--- Zope3/doc/security/SecurityTarget.txt:1.13 Thu May 6 13:14:06 2004
+++ Zope3/doc/security/SecurityTarget.txt Fri May 7 04:57:47 2004
@@ -1152,6 +1152,43 @@
Protection subsystem
^^^^^^^^^^^^^^^^^^^^
+The protection subsystem is responsible for controlling the access of
+interactions (subjects) to objects. It does this through the use of
+security proxies. Any non-basic objects that an interaction accesses
+is wrapped in a security proxy. All operations on these non-basic
+object are performed through the security proxies.
+
+Basic objects are immutable objects that contain only immutable
+subobjects. Examples if basic objects include:
+
+- Strings,
+
+- Integers (long and normal),
+
+- Floating-point objects,
+
+- Date-time objects,
+
+- Boolean objects (True and False), and
+
+- The special (nil) object, None.
+
+Subjects only have access to basic objects and proxied objects.
+
+For the purposes of the protection system, all operations can be
+reduced to one of two kinds of operations:
+
+- Read the value of a named attribute
+
+- Write the value of a named attribute
+
+Higher-level operations are reduced to these low-level operations. For
+example, to look up a key in a mapping object, we first execute read
+operation on the '__getitem__' attribute. The value of the
+'__getitem__' attribute is the Python method for looking up a key.
+To actually call the method, we need to access it's '__call__
+
+
More information about the Zope3-Checkins
mailing list