Tres Seaver wrote:
The prior behavior (allowing users to access protected resources "above"
the domain of their user folders) was a security hole caused by a bug,
and was never documented as allowable: correcting it was a matter for a
rather urgent fix, as it broke the explicitly-documented model.
I don't think that's what Michael and I were commenting on...
IIRC, if you had scripta calling scriptb, you used to be able to give
scripta a proxy role and scriptb would also execute with that role.
However, again IIRC, in current Zope releases, if you give scripta a
proxy role, when it calls scriptb, scriptb will just run with the roles
of the current user.
Have I got this right? If so, I wonder why the change was made...
Simplistix - Content Management, Zope & Python Consulting
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -