[Zope3-dev] Zope security policy

[Garrett Smith]

Our app needs to not grant anonymous view access. It's not clear to me
how I can do this without:

- Duplicating the entire contents of z/a/securitypolicy/configure.zcml
in our site.zcml (sans the anonymous grants)

- Physically changing z/a/securitypolicy.zcml on installation

The note in configure.zcml implies that we choose the later, but that's
bad.

Unless there's an existing solution, I propose that we move the
anonymous grants into securitypolicy.zcml and leave
z/a/ssecuritypolicy/configure.zcml strictly for setting up components
for the package.

 -- Garrett