launchpad-dev team mailing list archive
-
launchpad-dev team
-
Mailing list archive
-
Message #03890
Re: warning: we will soon have much noise in the test results...
On Monday 26 July 2010 10:29:56 Robert Collins wrote:
> Lastly, and here I expose my ignorance of some subtleties in zope - I
> thought security proxies only lived between view and model objects,
> not between model objects?
That's right. Once the code inside a proxied object is running, it's
effectively security-free and can see objects that the code outside of it
would not normally be able to access.
We need to be careful about this, because there's no protection against
returning data to the caller that it should not see.
Follow ups
References