davorin.rusevljan at gmail.com
Sun May 3 09:53:35 UTC 2009
On 5/2/09, Ross Boylan <RossBoylan at stanfordalumni.org> wrote:
> If I have data that I want to be sure can only be seen by specific
> users, is there a way to do that in Seaside?
> All the previous discussion I've seen on this list concerns session
> security. While that is necessary, it is not sufficient. My concern is
> more that someone with a legitimate session could use it to get at
> something unauthorized.
> I understand I can write my app to only show the right things; can a
> determined client get around that?
As far as I can see, you would need to take care not to display it to
him as a result of your programming error, and to prevent him from
executing Smalltalk code.
If information is sensitive, you might use some of the tricks of
> Ross Boylan
> seaside mailing list
> seaside at lists.squeakfoundation.org
More information about the seaside