Dieter Maurer wrote:
> A user that does not log in, i.e. a user you know nothing of,
> gets the "Anonymous" role automatically (at least with "acl_users").
> A logged in user may not get the "Anonymous" role.
>
> This does not provide additional security, because this
> user may simply shut down his browser and access the page again
> as anonymous user.
> On the other hand, it may result in surprises: suddenly (after
> a log on) I can no longer do things that I was able to do
> before the log on.
>
> I think, this should be changed.
I agree, and I've said so, many times before ;-)
Chris
_______________________________________________
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )
