[ZDP] BackTalk to Document The Zope Book (2.5 Edition)/Users and Security

webmaster@zope.org webmaster@zope.org
Sun, 13 Oct 2002 22:58:23 -0400


A comment to the paragraph below was recently added via http://www.zope.org/Documentation/Books/ZopeBook/current/Security.stx#4-24

---------------

        The anonymous user has security controls like any other, it
        has the role *Anonymous*. By default the *Anonymous* role can
        only access public resources, and can't change any Zope
        objects. You can tailor this policy, but most of the time
        you'll find the default anonymous security settings adequate.

          % Anonymous User - Sep. 22, 2002 2:39 pm:
           _*Anonymous*_ may only access objects with a 'View' permission, right?
           So far only users were discussed.
           Maybe there should be a section on possible perms before or at least 1 sentence here about a later section.

          % Anonymous User - Oct. 13, 2002 10:58 pm:
           I think what's really missing here is a clear explanation of the default security policy in Zope. "Acquire"
           for security settings isn't very helpful when we don't know what we're acquiring!