Optional arguments will still allow untrusted code to bypass security

Yes, that's true.

Here are three solutions to this, two of which do not involve catalog changes:

   - Use a proxy role on the script that invokes getObject which grants the
   permissions needed.

   - Use self.unrestrictedTraverse(brain.getPath()) from trusted code

   - Add a private method: unrestrictedGetObject() to the catalog brain API
   which does no security checking, but is inaccessible to untrusted code.

   I think the last one is a good idea and I will implement it. The other
   two are available options for now.

Ok, I think it will be useful.  Until then, the second option is a good solution for 
me.  Thanks a lot for the suggestion.


Santi Camps
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to