Stephan Goeldi wrote:
> OK let me state that I don't think so (subject line). I had to choose this
> subject, because it seems to me, that nobody was interested in my previous
> attempts to get information about my problem. So here is my newbie (?)
> question again:
> I have the folders:
> /www/folder1
> /www/folder2
> Apache redirects domain1 to folder1 and domain2 to folder2.
> The manager of folder1 is able to browse to /www and see what folders exist
> there. He shouldn't, because he only exists in the acl_user of /www/folder1.
> He even can look into the folder /www/folder2 (but not into the objects).
> Is it possible to disable the access for the folder1-manager above folder1?
> It doesn't seem to me. If it really isn't possible, there is no security at
> all for ISP uses of Zope. But I'm sure, there should be a possibility.
> I even created a local role in /www/folder1 too. Even with the local role I
> can browse /www and /www/folder2!
> Any suggestions?

Create the user in the top level folder that they are allowed to
Not in the /www folder

-- Tim Cook --
Cook Information Systems | Office: (901) 884-4126 8am-5pm CDT
Free Practice Management 
Project Coordinator
OSHCA Founding Supporter

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to