From 2021a002c125f24995c78602e2f4b68df46b71f8 Mon Sep 17 00:00:00 2001
From: Chris McDonough <chrism@plope.com>
Date: Thu, 27 Jan 2011 17:59:07 -0500
Subject: - Beef up documentation related to ``set_default_permission``:
 explicitly   mention that default permissions also protect exception views.

---
 docs/narr/security.rst | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'docs')

diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index 783810734..8b3427675 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -204,6 +204,13 @@ When a default permission is registered:
   and the view is registered *without* a permission (making it
   available to all callers regardless of their credentials).
 
+.. warning::
+
+   When you register a default permission, *all* views (even :term:`exception
+   view` views) are protected by a permission.  For all views which are truly
+   meant to be anonymously accessible, you will need to associate the view's
+   configuration with the ``__no_permission_required__`` permission.
+
 .. index::
    single: ACL
    single: access control list
-- 
cgit v1.2.3