I like to modify (by subclassing) Plone SecurityPolicy(I like to introduce negative permissions, but this does not apply to my question) and find no way to do this.
In etc/site.zcmlthere is a property called SecurityPolicypointing to AccessControl.security.SecurityPolicy. But this class and its ancestor are not called. Instead, AccessControl.ImplPython.ZopeSecurityPolicycImplementation is called during a security check. There is a lame comment in the code, but no more.
If one modifies etc/site.zcmland points it to a user SecurityPolicy, the policy is registered in the global variable _defaultPolicy, but in reality nothing has changed. Also, a call setSecurityPolicy(e.g., called zope.processlifetime.IProcessStarting) changes the global, but without effect.
So the question remains: how to change Plone SecurityPolicy?
Please, no recommendations and discussions about why I prefer to change the security policy and, if necessary. I grew up with zope3 security system and would like to have more in plone. Just give me a pen.
source
share