[Zope3-dev] Zope security policy
Garrett Smith
garrett at mojave-corp.com
Thu Mar 10 11:04:34 EST 2005
I glanced over the transcript, but I'm not sure what I'm supposed to get
from it.
Roger Ineichen wrote:
> Hi Garrett
>
>> -----Original Message-----
>> From: zope3-dev-bounces+dev=projekt01.ch at zope.org
>> [mailto:zope3-dev-bounces+dev=projekt01.ch at zope.org] On Behalf Of
>> Garrett Smith Sent: Thursday, March 10, 2005 4:35 PM
>> To: zope3-dev (E-mail)
>> Subject: [Zope3-dev] Zope security policy
>>
>> Our app needs to not grant anonymous view access. It's not clear to
>> me how I can do this without:
>>
>> - Duplicating the entire contents of
>> z/a/securitypolicy/configure.zcml in our site.zcml (sans the
>> anonymous grants)
>>
>> - Physically changing z/a/securitypolicy.zcml on installation
>>
>> The note in configure.zcml implies that we choose the later, but
>> that's bad.
>>
>> Unless there's an existing solution, I propose that we move the
>> anonymous grants into securitypolicy.zcml and leave
>> z/a/ssecuritypolicy/configure.zcml strictly for setting up components
>> for the package.
>
> I was talking to jim on IRC about securitypolicy settings.
>
> See:
> http://zope3.pov.lt/irclogs/%23zope3-dev.2005-03-10.log.html
> (Thanks to mgedmin to this nice log)
>
> See also my mail: Traversal question from Today.
>
> What do you think?
>
> Regards
> Roger Ineichen
>
>> -- Garrett
>> _______________________________________________
>> Zope3-dev mailing list
>> Zope3-dev at zope.org
>> Unsub:
>> http://mail.zope.org/mailman/options/zope3-dev/dev%40projekt01.ch
More information about the Zope3-dev
mailing list