On Tue, 2002-01-08 at 14:01, Evan Simpson wrote:
> Michael R. Bernstein wrote:
> > [snip stuff about accessing a browser_id_manager's
> > meta_type from unrestricted code raising an
> > unauthorized exception]
> > Will this be fixed for 2.5 final?
> That depends. We're currently waiting for feedback on 2.5b3. Depending
> on how that goes, these changes may need to wait for 2.5.1.
Perhaps I am under-estimating how difficult the fix is. I'm assuming
that you simply need to add an appropriate security declaration to the
meta_type is an attribute, so you can't just do
The id attribute has the getId method, perhaps what's required is a
getMetaType method that can be suitably protected?
This would still be a pretty easy fix:
Am I missing something?
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -