[Zope-dev] RFClarification: Security on Product Attributes

Jim Fulton jim@digicool.com
Thu, 05 Oct 2000 15:56:54 -0400


Chris Withers wrote:
> 
> Hi,
> 
> If I have the following lines in a Python Product:
> 
>     def __init__(self, id):
>         """initialise a new instance of product"""
>         self.id = id
>         self.title = 'Title!'
>         self.anInt = 0
>         self.aString = 'testing'
> 
> Are these attributes protected by the security machinery?
> If so, how so?

Yes. There are two ways of protecting objects, depending on
whether they (can) have a __roles__ attribute. None of the
values above can have a __roles__ attribute, so they are covered 
by assertions made in their containers.

See http://www.zope.org/Members/michel/Projects/Interfaces/ZopeSecurityPolicy

Note that if you can't adequately control something that
can't have __roles__, you can provide an access function
(e.g. getAnInt), which you can control.

> Can I read them? I think the answer is yes for anInt and no for aString.

Probably, if you can get at one, you can get at the other.

> Don't know the mechanics of title and id, I'm guessing they're going to
> be special cases whatever...

Nope, except that we may provide separate accessors (e.g. getId).
 
> Are they protectable by permissions? I do hope so although my experience
> is that, at best, it's not necessary, which is contrary to what I thought
> the new security policy was.

The goal of the new security policy was to:

  - Centralize authorization policies

  - Begin the tightening of access to attributes/sub-objects
    that can't have roles.
 
> Should they have to be protected by permissions? Probably...

If you need the sort of control that permissions provide, 
you should consider providing accessors that can play with 
permissions.
 
Jim

--
Jim Fulton           mailto:jim@digicool.com   Python Powered!        
Technical Director   (888) 344-4332            http://www.python.org  
Digital Creations    http://www.digicool.com   http://www.zope.org    

Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email
address may not be added to any commercial mail list without my
permission.  Violation of my privacy with advertising or SPAM will
result in a suit for a MINIMUM of $500 damages/incident, $1500 for
repeats.
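
Added example, not part of the original message and not Zope's own code: a simplified model of the rule described in the reply, where values that cannot carry __roles__ fall under their container's assertion while an accessor such as getAnInt carries its own. The names check_access, subobject_roles, allowed and OpenProduct are hypothetical.

```python
# Simplified model of the rule in the message above; NOT Zope's real policy code.
# check_access, subobject_roles, allowed and OpenProduct are hypothetical names.

class Unauthorized(Exception):
    """Raised when the model policy denies access."""

_NO_ROLES = object()  # sentinel: the value carries no __roles__ of its own

def check_access(container, name, user_roles):
    """Return container.<name> if user_roles may access it, else raise."""
    value = getattr(container, name)
    roles = getattr(value, "__roles__", _NO_ROLES)
    if roles is _NO_ROLES:
        # Ints and strings cannot carry __roles__, so the container's
        # assertion covers them, and covers all of them alike.
        roles = container.subobject_roles
    if roles is None or set(roles) & set(user_roles):  # None means public
        return value
    raise Unauthorized(name)

class Product:
    subobject_roles = ()  # container assertion: no direct access to simple values

    def __init__(self, id):
        self.id = id
        self.title = 'Title!'
        self.anInt = 0
        self.aString = 'testing'

    def getAnInt(self):
        """Accessor: a function, so it can carry its own __roles__."""
        return self.anInt
    getAnInt.__roles__ = ("Manager",)

class OpenProduct(Product):
    subobject_roles = ("Authenticated",)  # looser container assertion

def allowed(container, name, user_roles):
    """True if the model policy grants access, False if it raises Unauthorized."""
    try:
        check_access(container, name, user_roles)
        return True
    except Unauthorized:
        return False

if __name__ == "__main__":
    p, q = Product("p1"), OpenProduct("q1")
    for name in ("anInt", "aString", "getAnInt"):
        print(name, allowed(p, name, ["Manager"]), allowed(q, name, ["Authenticated"]))
```

In this model anInt and aString always share the same outcome, because both are decided by the container; only the accessor can be given a different set of roles.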