On Mon, 21 Aug 2000 12:15:24 +0100, Chris Withers [EMAIL PROTECTED]
wrote:
The SquishSite class has a method called item_count() which is used on
one of the management pages. It currently isn't protected by any
permissions or __roles__ and yet it still works fine on the management
screen
Toby Dickenson wrote:
Firstly, I assume your management page is a dtml file on disk, not a
dtml object stored in the ZODB. dtml files bypass *all* security
checks.
That's nice :(
Secondly, all objects that inherit from OFS.Item.SimpleItem (that is,
almost all high level objects) have the