Tres Seaver wrote:
The prior behavior (allowing users to access protected resources "above"
the domain of their user folders) was a security hole caused by a bug,
and was never documented as allowable:  correcting it was a matter for a
rather urgent fix, as it broke the explicitly-documented model.

I don't think that's what Michael and I were commenting on...

IIRC, if you had scripta calling scriptb, you used to be able to give scripta a proxy role and scriptb would also execute with that role. However, again IIRC, in current Zope releases, if you give scripta a proxy role, when it calls scriptb, scriptb will just run with the roles of the current user.

Have I got this right? If so, I wonder why the change was made...


Simplistix - Content Management, Zope & Python Consulting

Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to