Pierre-Julien Grizel wrote:
>
> Hum... A possible way to solve this problem is to practice the "you
> can't do ANYTHING but..." policy... And, thus, according proxy roles to
> the methods that must access it, such as index_html.
> I know it's constraining but with a little work we can end up with
> something quite secure & secret.
It's not secret, you can still use /objectIds and /objectValues to find
out about things...
Secure, yes it is that.
But, it's a lot more than a little work.
What I was suggesting was something to do the grunt work of all this
with the same outcome.
oh well...
Chris
_______________________________________________
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )
