Jamie Heilman wrote: > Now that we've reached closure on some of the outstanding security > issues in Zope there's a lot of stuff in the Collector that needs to > be revisited... > > Brian Lloyd wrote: ... > > - Proxy rights on DTMLMethods transferred via acquisition > > I believe this means issue #743 and issue #977 can be resolved now. > Actually, #977 already was rejected IIRC but its never been marked as > public which is rather irritating.
I've verified that this is the case, #977 should be made public, and #743 can resolved. > > - Improper security assertions on DTMLDocument objects > > probably fixes issue #865, but because Zope-HEAD doesn't actually run > right now, due to a myriad of other bugs, I actually haven't tested it I've tested this now, #865 can be resolved. -- Jamie Heilman http://audible.transient.net/~jamie/ "...thats the metaphorical equivalent of flopping your wedding tackle into a lion's mouth and flicking his lovespuds with a wet towel, pure insanity..." -Rimmer _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )