I think it's great that you did this... nice job! I have some
specific disagreements (while I think it's a reasonable constraint,
and I think something should enforce it, I don't believe it's the job
of something that we call a *security policy* to enforce whether a
method is called, e.g.
You have many good points in your list of troubles. Many of them are
resolved by using security declarations through ZCML instead. It would
be interesting to here your views on this.
//Lennart
___
Zope-Dev maillist - Zope-Dev@zope.org
http://mail.zope
Hey guys!
In the past few months I fiddled around with Zope2's security and access
control code. I analysied my own code and code from other developers to
search for common errors. Also I tried to think of ways to make the
security system easier and more verbose on coding errors
I have not yet im