[Zope] properties security ?

[Julián Muñoz <jmunoz@xxxxxxxxxxxxxx>]

I would like to know howto limit the access to the properties of a folder.

For example, now everybody can view them doing a xml-rpc query like (in
python):

>>> w=xmlrpclib.Server('http://www.my_server.com/')
>>> w.propertyItems()


Disabling "Access contents information" permission of the folder for
anonymous solves this.

But I haven't found any reference about this, and I don't know if this is
correct. At a first glance, changing this permission is annoying, because
many other objects acquire this property from there (the folder is the
root folder of a project), and "nothing" works well ....


Is there another permission ? (It doesn't seem...)

Or is storing sensible datas in folder properties a really bad idea ?


Thank you !

-- 

      __o
    _ \<_
   (_)/(_)

Saludos de Julián
EA4ACL
-.-



_______________________________________________
Zope maillist  -  Zope@xxxxxxxx
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )