On 03/24/2003 12:28 PM, kosh wrote:
On Monday 24 March 2003 09:05 am, Leonardo Rochael Almeida wrote:

On Fri, 2003-03-21 at 20:08, kosh wrote:

I am having a problem where DTML is allowing access to an attribute of an
object that restrictedTraverse and regular . notation denies from a
python script.

This is pretty serious. You should post this as a bug in the collector.

Cheers, Leo

Yeah I will report this to the collector I just wanted to see if anyone else had seen this or thought it was a bug or some really weird thing that is supposed to happen but not documented. It would not be the first time that zope had some really strange stuff in it. ;)

Are you talking about a DTMLFile in a Python product? DTMLFiles do not check security (nor do they normally need to, since they are trusted).


Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to