[z3-five] Unexpectedly unprotected code
Chris Withers
chris at simplistix.co.uk
Wed Jan 31 21:10:02 CET 2007
Martijn Faassen wrote:
> I agree the use case exists. I'm not sure how important it is, though
> traditionally it's been quite important to Zope 2.
I think the userbase who used to thrive on this has, on the whole,
moved over to Plone.
> I think there are a lot of *other* things we should be doing first to
> make an inexperienced developer happier with Zope 3. Some of those
> things we've been trying to do with Grok.
Agreed. I think supporting the use case I mention is an application of
Zope 3, not Zope 3 itself...
> One of the things that bugs me even as an *experienced* developer is
> that Zope 3's pervasive security has a heavy cost during development.
I don't agree.
Zope's fundamental premise is publishing a tree of objects by various
protocols. If you do that, you need to make sure you're not exposing
things to abuse by untrusted users, and the only way to do that is to
deny-by-default everything to publishing protocols.
Perhaps the way this is currently done in Zope 3 isn't as developer
friendly as it should be, but you really really want a big
deny-by-default hammer somewhere between "trusted code" and any
publishing protocol.
> It
> happened to me quite frequently I had to debug why Zope 3 didn't let me
> do something I should do, and I had to dig through ZCML files
I thought we'd established that zcml sucks? ;-)
> and add
> security declarations quite often,
I think you need to positively declare the security assertions relating
to objects (be they simple python types, functions, methods or anything
else) somewhere...
> and mess about with __parent__ quite
> often,
Yes, the containment constraint of Zope 2 and 3 security policies is
annoying. I hope to implement a security policy for Zope 3 at some point
that is purely context-based rather than containment-based.
> and use removeAllSecurityProxies() and such quite often.
It's a shame you have to do that :-(
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
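The arrangement Chris argues for above, a set of positive security declarations sitting between "trusted code" and the publishing protocol so that anything undeclared is denied regardless of who asks, with an unwrap call reserved for trusted code, as an added Python sketch. This is not code from the original mail and not Zope's own zope.security implementation; the names Checker, SecurityProxy, Interaction and remove_security_proxy borrow Zope vocabulary but are stand-ins written here, and the Document class, the zope.Public / zope.ManageContent permission names and the publish() helper are constructed for the illustration.

```python
"""Deny-by-default guard between trusted code and a publishing protocol.

Added illustration, not Zope's zope.security code: the classes below are a
self-contained sketch of the idea, with Zope-flavoured names.
"""
from dataclasses import dataclass


class ForbiddenAttribute(Exception):
    """No security declaration exists for this name: denied, whoever asks."""


class Unauthorized(Exception):
    """A declaration exists, but the caller lacks the required permission."""


PUBLIC = "zope.Public"  # permission everyone holds (name borrowed from Zope)


@dataclass(frozen=True)
class Interaction:
    """Who is talking to the publisher and which permissions they hold."""
    principal: str
    permissions: frozenset


class Checker:
    """Positive declarations only: attribute name -> permission required.

    Anything not listed is unreachable through a proxy; this is the
    deny-by-default hammer. In Zope the declarations come out of ZCML.
    """

    def __init__(self, declarations):
        self._declarations = dict(declarations)

    def check(self, name, interaction):
        permission = self._declarations.get(name)
        if permission is None:
            raise ForbiddenAttribute(name)
        if permission != PUBLIC and permission not in interaction.permissions:
            raise Unauthorized(name, permission)


class SecurityProxy:
    """Wraps an object so every attribute access goes through a Checker."""

    __slots__ = ("_obj", "_checker", "_interaction")

    def __init__(self, obj, checker, interaction):
        object.__setattr__(self, "_obj", obj)
        object.__setattr__(self, "_checker", checker)
        object.__setattr__(self, "_interaction", interaction)

    def __getattribute__(self, name):
        # __getattribute__ rather than __getattr__, so the proxy's own slots
        # are checked too: untrusted code must not read proxy._obj and unwrap.
        obj = object.__getattribute__(self, "_obj")
        checker = object.__getattribute__(self, "_checker")
        interaction = object.__getattribute__(self, "_interaction")
        checker.check(name, interaction)
        return getattr(obj, name)

    def __setattr__(self, name, value):
        # This sketch declares no setters, so writes are always denied.
        raise ForbiddenAttribute(name)


def remove_security_proxy(obj):
    """Trusted-code escape hatch, the analogue of removeAllSecurityProxies().

    Only code that is itself trusted should call this; the published tree
    only ever sees proxies, and the proxy refuses to hand out _obj.
    """
    if type(obj) is SecurityProxy:
        return object.__getattribute__(obj, "_obj")
    return obj


# Constructed application object standing in for a published content tree.
class Document:
    def __init__(self, title, body):
        self.title = title
        self.body = body
        self.audit_log = []  # deliberately left undeclared below

    def render(self):
        return f"<h1>{self.title}</h1><p>{self.body}</p>"

    def edit(self, body):
        self.audit_log.append(body)
        self.body = body


DOCUMENT_CHECKER = Checker({
    "title": PUBLIC,
    "render": PUBLIC,
    "edit": "zope.ManageContent",
    # "body" and "audit_log" absent on purpose: trusted code only
})


def publish(doc, interaction, name, *args):
    """What a publishing protocol does: resolve a name on a proxied object and
    call it. Returns the result, or the name of the security exception raised."""
    proxy = SecurityProxy(doc, DOCUMENT_CHECKER, interaction)
    try:
        value = getattr(proxy, name)
        return value(*args) if callable(value) else value
    except (ForbiddenAttribute, Unauthorized) as exc:
        return type(exc).__name__


if __name__ == "__main__":
    anonymous = Interaction("anonymous", frozenset())
    editor = Interaction("editor", frozenset({"zope.ManageContent"}))
    doc = Document("Hello", "world")
    print(publish(doc, anonymous, "render"))         # rendered HTML
    print(publish(doc, anonymous, "edit", "x"))      # Unauthorized
    print(publish(doc, editor, "edit", "new body"))  # None, edit applied
    print(publish(doc, editor, "audit_log"))         # ForbiddenAttribute
    print(publish(doc, editor, "_obj"))              # ForbiddenAttribute
    print(remove_security_proxy(SecurityProxy(doc, DOCUMENT_CHECKER, editor)).audit_log)
```

The two exceptions make the distinction the thread is about visible: Unauthorized is the permission system saying no to a particular principal, while ForbiddenAttribute is the deny-by-default hammer saying no to everyone because nobody wrote a declaration. The second is what a developer hits when Zope "didn't let me do something I should do", and the fix is always a declaration, never a permission grant; remove_security_proxy exists so trusted code can step outside the hammer, which is why having to call it from application code is a smell.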