Big +1 from me on this.
I had to do a whole lot of hacks to get this stuff running on app engine and
had to gut zope.proxy which was ugly and obviously unsupported.
After getting this running which was a big task I decided to go with
just didn't have the security proxies at all because I wouldn't have to
support my wierd gutted
fork of zope.proxy and zope.security. (under gae I am not running any
Having a standard way to turn this stuff would be great,
On Mon, Jun 22, 2009 at 5:36 PM, Jim Fulton <j...@zope.com> wrote:
> On Jun 21, 2009, at 9:40 PM, Stephan Richter wrote:
> > On Sunday 21 June 2009, Jim Fulton wrote:
> >> Thoughts?
> > +1. Sounds really good!
> > BTW, I would love to hear about a practical example for overriding
> > proxy()
> > other than turning off security altogether.
> 2 examples:
> - Use a Python-based proxy that's good enough for supporting access
> control in trusted code. (It wouldn't protect against devious
> untrusted code, but most applications don't really need to run
> untrusted code.)
> - Use a better system for managing checkers.
> Probably the most important feature is disabling proxy-based
> protection for applications that don't need an access control model or
> that use a non-proxy-based approach.
> Jim Fulton
> Zope Corporation
> Zope-Dev maillist - Zope-Dev@zope.org
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope )
Zope-Dev maillist - Zope-Dev@zope.org
** No cross posts or HTML encoding! **
(Related lists -