13 Mar
2003
13 Mar
'03
10:13 a.m.
On Thursday 13 March 2003 9:25 am, Lennart Regebro wrote:
5. Protecting yourself against denial of service: Zope does not seem to crash if you send random data to it, and I have in logs seen attemps to overflow buffers and the like that obviously are attempt to crash or break in to other (MS) servers, without this affecting Zope at all.
There is evidence that this is not true.
If you don't trust Zope in this, you can put Apache in front of it.
In this sense Zope is again VERY secure.
Zope is insecure Zope+Squid(or Apache or Pound)+OS resource limits+careful choice of products is secure (Note that I dont consider this a flaw in Zope.) -- Toby Dickenson http://www.geminidataloggers.com/people/tdickenson