> Hi Chris,
> in an earlier message, you defended the existence of a
> separate permission "Access Session Data" (in the
> CoreSessionTracking proposal) by the following
> There may be (authenticated) users with
> (TTF?) scripting rights that should be prevented
> to screen session data (by withdrawing
> the "Access Session Data" permission from
> This will only be effective, when not all users automatically
> have the "Anonymous" role.
Yes, this was brought up earlier today by someone at DC. I need to think
about it more. :-(
> Why am I against new permissions?
> This has partly to do with the current Zope permission management.
> As soon as you have more than a few products installed and
> created a few additional roles, permission management becomes
> a nightmare: it is very difficult to keep the overview
> with the current unstructured, non-batched permission setting
I agree that the current permissions management interface is tough to
navigate. I think we should probably fix this instead of limiting features
of products because we're worried about cluttering the permissions
management interface. That said, I don't know of any initiatives to do so.
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -