26 Jun
2002
26 Jun
'02
7:24 p.m.
Doug Chamberlin writes:
I've seen some people advise not placing a ZServer server directly accessible on the Internet due to security concerns. I guess the recommended practice is to front the Zope service via Apache, et al. I have no great objection to this but I'd like to know more about why. Zope, itself, appears to this newbie to be reasonably secure with the user_acl stuff built in. Are appearances deceiving? Please search the mailing list archives.
Once, I saw a comprehensive list there... Dieter