25 Jun
2001
25 Jun
'01
8:15 a.m.
So I think something has to be done to restore Zope confidence around ISPs, but unfortunately I don't know what.
This might not be relevant to your ISP's setup, but since Zope normally shouldn't access anything outside its $HOME, shouldn't it be fairly straightforward to set up the ZServer to use a restricted environment (rexec)? Alternatively one could do a chroot() before starting the server. Have anybody hacked the ZServer to run restricted?
I run Zope on a FreeBSD box in a jail (that is a chrooted environment that acts like a standalone Unix box). It is fairly simple to setup (just follow the examples in 'man jail'). No changes were needed in any Zope code. Reinoud