[Zope3-checkins] CVS: Zope3/doc/security -
SecurityTarget.txt:1.13.2.1
Martijn Faassen
m.faassen at vet.uu.nl
Tue May 11 05:10:59 EDT 2004
Update of /cvs-repository/Zope3/doc/security
In directory cvs.zope.org:/tmp/cvs-serv20906/doc/security
Modified Files:
Tag: faassen-interfaces-branch
SecurityTarget.txt
Log Message:
Sync up with changes in HEAD (so I can generate up to date patch file).
=== Zope3/doc/security/SecurityTarget.txt 1.13 => 1.13.2.1 ===
--- Zope3/doc/security/SecurityTarget.txt:1.13 Thu May 6 13:14:06 2004
+++ Zope3/doc/security/SecurityTarget.txt Tue May 11 05:09:56 2004
@@ -1152,6 +1152,43 @@
Protection subsystem
^^^^^^^^^^^^^^^^^^^^
+The protection subsystem is responsible for controlling the access of
+interactions (subjects) to objects. It does this through the use of
+security proxies. Any non-basic objects that an interaction accesses
+is wrapped in a security proxy. All operations on these non-basic
+object are performed through the security proxies.
+
+Basic objects are immutable objects that contain only immutable
+subobjects. Examples if basic objects include:
+
+- Strings,
+
+- Integers (long and normal),
+
+- Floating-point objects,
+
+- Date-time objects,
+
+- Boolean objects (True and False), and
+
+- The special (nil) object, None.
+
+Subjects only have access to basic objects and proxied objects.
+
+For the purposes of the protection system, all operations can be
+reduced to one of two kinds of operations:
+
+- Read the value of a named attribute
+
+- Write the value of a named attribute
+
+Higher-level operations are reduced to these low-level operations. For
+example, to look up a key in a mapping object, we first execute read
+operation on the '__getitem__' attribute. The value of the
+'__getitem__' attribute is the Python method for looking up a key.
+To actually call the method, we need to access it's '__call__
+
+
More information about the Zope3-Checkins
mailing list