Is it just me or is there a lot of confusion between the terms
namespace, self, client, and the REQUEST object (which, unlike it's name
implies, seems to contain a lot more than stuff relating to the HTTP
request, like the RESPONSE object, for example ;-)
Perhaps this could be shaken down and
Now - should methods of mutable types be off-limits in the
future? [...] I don't think it would
be acceptable for 'append' to be off-limits in this case, so
the alternative is that the security machinery would somehow
have to be able to distinguish mutables created by the user
from those