On Thu, 24 Jun 2004 19:04:55 +0200
Dieter Maurer <[EMAIL PROTECTED]> wrote:

> Casey Duncan wrote at 2004-6-18 09:58 -0400:
> > ...
> >Security was tightened for getObject recently as part of a general
> >refactor of that code. I am happy to consider whether the security is
> >too tight, in which case it could be backed off a bit.
> I think, you should only require access rights to the object itself
> and not to all folders from the root to the object.
> It is not uncommon that upper levels are more restricted than
> subhierarchies. This is what Zope's URL traversal
> allows: Only the object identified by URL traversal is
> access checked.
> That ZCatalog identifies objects by physical path is an implementation
> artifact. It should not make it impossible to access an
> object via the catalog that otherwise can be accessed without
> problem.
> > ...
> >For hysterical raisins, REQUEST.traverse() does not behave this way.
> >It instead checks only the final object traversed.
> That's a good behaviour...

Except when it isn't ;^) OTOH it is closer to the behavior of getObject
in 2.7.0. Ironically it used to use restrictedTraverse long ago...
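A toy model of the two access-check policies debated above, added here as an illustration and not code from Zope itself (the folder tree, role names and function names are constructed; it does not call Zope's restrictedTraverse or REQUEST.traverse):

```python
from dataclasses import dataclass, field


@dataclass
class Node:
    """One container or object in a constructed folder hierarchy."""
    name: str
    allowed_roles: set            # roles permitted to access this node
    children: dict = field(default_factory=dict)


def build_tree():
    """Constructed example: a restricted upper level above a looser sub-hierarchy."""
    root = Node("", {"Manager", "Member"})
    private = Node("private", {"Manager"})          # only Manager may enter
    docs = Node("docs", {"Manager", "Member"})      # sub-hierarchy is more open
    report = Node("report", {"Manager", "Member"})
    root.children["private"] = private
    private.children["docs"] = docs
    docs.children["report"] = report
    return root


def _walk(root, path):
    """Resolve a physical path to the list of nodes from root to target (None if missing)."""
    nodes = [root]
    for part in path.strip("/").split("/"):
        if part not in nodes[-1].children:
            return None
        nodes.append(nodes[-1].children[part])
    return nodes


def check_every_level(root, path, role):
    """Tightened policy: the role must be allowed on every container from the root down."""
    nodes = _walk(root, path)
    if nodes is None or any(role not in n.allowed_roles for n in nodes):
        return None
    return nodes[-1]


def check_final_only(root, path, role):
    """URL-traversal style policy: only the object the path resolves to is access checked."""
    nodes = _walk(root, path)
    if nodes is None or role not in nodes[-1].allowed_roles:
        return None
    return nodes[-1]
```

For a Member, the catalog hit at /private/docs/report is denied under the every-level policy but returned under the final-object policy, which is exactly the divergence the thread describes.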


Zope-Dev maillist  -  [EMAIL PROTECTED]