[Zope-dev] Zope security alert and 2.2 information

Steve Alexander steve@cat-box.net
Wed, 10 May 2000 15:10:45 +0100


"Morten W. Petersen" wrote:
> 
> >
> > Hmm, how do this 'nobody' user and the Anonymous user interact?
> > Are they the same? Should they be? what are the differences?
> >
> 
> I think he means Anonymous..

Nope. See http://www.zope.org/Members/jim/ZopeSecurity/ServerSideTrojan
about one quarter the way down.

"What is the relationship between the owner and owner roles?

They are mostly independent. Whenever an owner is changed, the new owner
will get the owner role on the object. The exception is the unlikely
case in which the new owner is the special user nobody. The nobody user
never gets the owner role."

--
Steve Alexander
Software Engineer
Cat-Box limited