Optional arguments will still allow untrusted code to bypass security checks.
Yes, that's true.
Here are three solutions to this, two of which do not involve catalog changes:
- Use a proxy role on the script that invokes getObject which grants the permissions needed.
- Use self.unrestrictedTraverse(brain.getPath()) from trusted code
- Add a private method: unrestrictedGetObject() to the catalog brain API which does no security checking, but is inaccessible to untrusted code.
I think the last one is a good idea and I will implement it. The other two are available options for now.
Ok, I think it will be useful. Until then, the second option is a good solution for me. Thanks a lot for the suggestion.
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce