Thanks a lot for your reply,
but up to now, I don't exactly know, which components are trusted or untrusted. Ok, If I understand that right, that components made of untrusted code are special interest of checkers and those checkers decide if the component can do some things or not. And those decision is based on permission defined in the security policy. Components made of trusted code can do everything they want, that means there are no security checks. But again, what is trusted and untrusted code? Are views always trusted code? And what's the border? If I am in an untrusted code and I call a method of a trusted code, this means I enter the trusted code (if I have the right permissions). Sorry, but I do not understand fully this distinction, Thanks a lot for replies! _______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users