I very much want Zope 2.9 to use Zope 3's security architecture. Zope 3's security architecture is far more robust, but it is different in some significant ways:

- It protects names not values.  This means that you protect
  how you access things, not the things themselves.

- It doesn't provide key-bases access control for mapping
  objects.  If you can get any key, you can get all keys.
  This is less powerful that Zope 2's security system, but
  this is power we haven't needed for Zope 3 and I suggest
  we don't really need it for Zope 2.

- Non-basic values passed from trusted code to untrusted code
  are security proxied and thus protected.  This means that the
  security framework has a much greater reach than in Zope 2,
  Even trusted code is subject to the security system in many
  cases.  This can be a good thing or a bad thing, depending
  on your point of view. :)

- The Zope 3 security system is much more pluggable.  This means
  that it is much easier to provide alternate security policies
  to meet special needs to or exclude unneeded features.

For more information on the security system, see:





I see 2 main challenges:

- supporting implicit acquisition

- Backward incompatibilities:

  o No support for key-based access control

  o Trusted code will be subject to security restrictions
    in cases in which it isn't now.

I think there will be a number of significant benefits, including:

- Greater security

- Less complexity

- Less risk with new Python versions

- Narrower gap between Zope 2 and Zope 3.

This will be a fairly large job.  I won't have time to work on it before this
Fall.  I could certianly use some help. :)

Are there any objections?  Suggestions? Questions?


Jim Fulton mailto:[EMAIL PROTECTED] Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to