Tiller, Michael (M.M.) wrote:
That isn't the point. The point is that a (properly configured) named pipe *is* more secure than a port (even a localhost port) because the permissions can be controlled at the system level. So it seems reasonable (to me) for somebody to want to use a named pipe.
I'd say you're in a minority there, though, which is never a good place to be with open source unless you're prepared to maintain whatever minority element it is that you're using.
In any case, I'm not looking to get into an argument about how well-reasoned our corporate security policies. I'm just trying to understand what the purported "more appropriate" alternatives are for PCGI.
Most people I know of use proxy pass or rewrite rules through Apache to Zope listening on a local port. Chris