Jamie Heilman wrote:
> Now that we've reached closure on some of the outstanding security
> issues in Zope there's a lot of stuff in the Collector that needs to
> be revisited...
> 
> Brian Lloyd wrote:
...
> >   - Proxy rights on DTMLMethods transferred via acquisition
> 
> I believe this means issue #743 and issue #977 can be resolved now.
> Actually, #977 already was rejected IIRC but its never been marked as
> public which is rather irritating.  

I've verified that this is the case, #977 should be made public, and
#743 can resolved.
 
> >   - Improper security assertions on DTMLDocument objects
> 
> probably fixes issue #865, but because Zope-HEAD doesn't actually run
> right now, due to a myriad of other bugs, I actually haven't tested it

I've tested this now, #865 can be resolved.

-- 
Jamie Heilman                     http://audible.transient.net/~jamie/
"...thats the metaphorical equivalent of flopping your wedding tackle
 into a lion's mouth and flicking his lovespuds with a wet towel, pure
 insanity..."                                           -Rimmer

_______________________________________________
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to