You say these rules are new but there have been no intentional changes
to how security works. From DTML and scripts, you've always been unable
to call methods on objects that had no security assertions. If Y has no
security assertions, this is the intended behavior. It worked before?
In wha
On Thu, 06 Dec 2001 23:25:25 -0600, Stephan Richter <[EMAIL PROTECTED]>
wrote:
>BTW, Y is not a nice Zope object but an instance from anywhere.
Preventing arbirary access from TTW code to 'an instance from
anywhere' is exactly what the security machinery is designed to
prohibit.
> And setting
Hello everyone,
I have a major issue with the new security. Let's say I have class X (a
nice Zopish object) and an object Y.
class X:
Y = Y
Now, I am still able to access Y in an instance of X, like:
x = X()
x.Y
but I am not able to access method do_z() anymore.
x.Y.do_z()
BTW, Y is
