Who can see changes made to objects?

Scope, in this instance, refers to what data a visitor to a web site can see.  Do all users view the same data in a model?  Do users of the same browser view the same data, or is data private and specific to each individual user?

The scope of a model completely depends on what is returned as a result of traversal.

Any objects stored in the ZoDB are global in scope- which is to say that if an object is located and instantiated through the ZoDB the same object (or a representation of it) is returned regardless of who requests it.

A parallel may be drawn to a Python object which represents a row in a table of a relational database (eg. SQLAlchemy).  When instantiated, the information in the row is copied into such an object, and when the object must refresh the database from any changes to it's state, the changed database values are updated from the object.  ZoDB objects work exactly like that.

However, it may be that a traversal path might return different objects depending on something specific like a cookie, session or user data.

For example, a browser session cookie can ensure that a given server side object will be specific to a browser.  Remember that although a browser is generally only ever used by only one person, this might not always be the case.  The same browser used by two different people cannot differentiate between the people.  This is the case for the "basic auth" protocol.

If a person is authenticated by providing credentials and a shared secret, a traversal path such as

"/myserver/user/name"

might be interpreted by a traverser so as to return a different user object for each authenticated person.  In such a case, the scope of the data object, or model instance,  would be specific to each user.