zope access to external files
Greetings All,

Some stats on my (stale, and soon to be updated) setup:

Zope Version (Zope 2.4.1 (binary release, python 2.1, linux2-x86), python 2.1.0, linux2)
Python Version 2.1 (#2, Jun 22 2001, 10:20:42) [GCC 2.7.2.3]
System Platform linux2

I have a couple of objectives:

1. I want to restrict file access by user.
2. I want to serve objects from zope to accomplish objective #1 above, but I want the objects to be in the filesystem.

I want to be able to say, "The contents of directory X are available only to user Y."

I looked through the list of products in the "External Access" category and there were a couple of good candidates. The localfs listing was hard to find but it did turn up in a faq somewhere.

http://www.zope.org/Members/arielpartners/ExternalFile
http://www.zope.org/Members/MacGregor/ExtFile
http://sourceforge.net/projects/localfs

Questions:

Can anyone recommend one of these products over the other?
Will they let me do what I describe?
Are there products which are a better fit?
Is there an easier/better way?

My apologies if this has been answered in the mailing list recently. An archives search did not turn up anything.

Thanks in advance,
--
Ricardo Anguiano
http://www.codesourcery.com
On Tue, Mar 04, 2003 at 09:29:02AM -0800, Ricardo Anguiano wrote:
http://www.zope.org/Members/arielpartners/ExternalFile http://www.zope.org/Members/MacGregor/ExtFile http://sourceforge.net/projects/localfs
Questions:
Can anyone recommend one of these products over the other?
they serve different needs... localfs will map a whole directory and all its subdirectories, ExtFile and ExternalFile will only do 1 file per instance.
Will they let me do what I describe?
if the users are zope users, sure - just add a LocalFS for each user and restrict access to the owner. on the filesystem, everything must be readable by the user who runs the Zope process.
--
Paul Winkler
http://www.slinkp.com
Paul Winkler <pw_lists@slinkp.com> writes:
On Tue, Mar 04, 2003 at 09:29:02AM -0800, Ricardo Anguiano wrote:
http://www.zope.org/Members/arielpartners/ExternalFile http://www.zope.org/Members/MacGregor/ExtFile http://sourceforge.net/projects/localfs
Questions:
Can anyone recommend one of these products over the other?
they serve different needs... localfs will map a whole directory and all its subdirectories, ExtFile and ExternalFile will only do 1 file per instance.
Ah, good to know.
Will they let me do what I describe?
if the users are zope users, sure - just add a LocalFS for each user and restrict access to the owner.
Yes, the users are zope users. I did exactly what you describe and it works great.
on the filesystem, everything must be readable by the user who runs the Zope process.
Definitely. Thanks, -- Ricardo Anguiano http://www.codesourcery.com
On Tue, Mar 04, 2003 at 10:56:51AM -0800, Ricardo Anguiano wrote:
if the users are zope users, sure - just add a LocalFS for each user and restrict access to the owner.
Yes, the users are zope users. I did exactly what you describe and it works great.
you might want to double-check your setup to be sure that tricks involving ../ do not let the user access files they should not. -- Paul Winkler http://www.slinkp.com
Paul Winkler <pw_lists@slinkp.com> writes:
On Tue, Mar 04, 2003 at 10:56:51AM -0800, Ricardo Anguiano wrote:
if the users are zope users, sure - just add a LocalFS for each user and restrict access to the owner.
Yes, the users are zope users. I did exactly what you describe and it works great.
you might want to double-check your setup to be sure that tricks involving ../ do not let the user access files they should not.
It doesn't appear that one user can dot-dot-slash their way into another user's directory. Even if they guess the path, they are asked for authentication again if they get it right. User1 not being defined in User2/acl_users, and restricting User2/content to owner makes it hard for User1 to access User2's content.

Thanks for the reminder though,
--
Ricardo Anguiano
http://www.codesourcery.com
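The `../` double-check discussed in the two messages above, written out as an added example (it is not part of the thread and not LocalFS's own code). The function names and the `base_root/<user>` layout are hypothetical stand-ins for the directory each per-user LocalFS instance maps, and the sample tree is constructed.

```python
import os
import tempfile


def resolve_for_user(base_root, user, requested):
    """Return the real path of `requested` inside base_root/user, or None.

    Hypothetical helper: base_root/<user> stands in for the directory a
    per-user filesystem mapping exposes.
    """
    user_base = os.path.realpath(os.path.join(base_root, user))
    # Strip leading slashes so an absolute-looking request stays relative to
    # the user's base, then resolve "..", "." and symlinks before comparing.
    candidate = os.path.realpath(os.path.join(user_base, requested.lstrip("/")))
    # commonpath compares whole path components, so .../user1 does not
    # "contain" .../user10 the way a plain startswith() test would.
    if os.path.commonpath([user_base, candidate]) != user_base:
        return None
    return candidate


def build_sample_tree():
    """Constructed sample layout: two users and one symlink leading outside."""
    root = os.path.realpath(tempfile.mkdtemp())
    for user in ("user1", "user10"):
        os.makedirs(os.path.join(root, user, "docs"))
        with open(os.path.join(root, user, "docs", "report.txt"), "w") as fh:
            fh.write(user)
    # A symlink inside user1's tree that points into user10's tree.
    os.symlink(os.path.join(root, "user10"), os.path.join(root, "user1", "peer"))
    return root


def check_requests(root):
    """Map each constructed request to True (served) or False (refused)."""
    requests = [
        "docs/report.txt",                    # normal access
        "../user10/docs/report.txt",          # dot-dot-slash into a sibling
        "docs/../../user10/docs/report.txt",  # same, buried mid-path
        "/docs/report.txt",                   # absolute-looking request
        "peer/docs/report.txt",               # escape through a symlink
    ]
    return {r: resolve_for_user(root, "user1", r) is not None for r in requests}


if __name__ == "__main__":
    for req, allowed in check_requests(build_sample_tree()).items():
        print("ALLOW" if allowed else "DENY ", req)
```

The sibling named `user10` is deliberate: it is the case a string-prefix comparison on the base directory gets wrong.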
At 09:29 AM 3/4/2003, Ricardo Anguiano wrote:
1. I want to restrict file access by user.
2. I want to serve objects from zope to accomplish objective #1 above, but I want the objects to be in the filesystem.
You can do that with Zope, but reading between the lines a bit, these sound like static files you're serving. If so, I'd recommend putting Apache in front of Zope and letting Apache handle it with a RewriteRule like:

RewriteRule ^/files/(.*) /home/httpd/mysite/files/$1 [L]

It doesn't get much easier than that. ;-)

Zope should (IMO) be used primarily for serving dynamic content. It's fantastic at what it does well, but it just doesn't hold a candle to Apache for serving static content... nor should it. They're two very different tasks.
I want to be able to say, "The contents of directory X are available only to user Y."
This isn't a great idea, for the most part. If you're looking for more than trivial security, I wouldn't volunteer information like that.
Cool domain name. :-) Dylan
Dylan Reinhardt <Dylan@DylanReinhardt.com> writes:
At 09:29 AM 3/4/2003, Ricardo Anguiano wrote:
1. I want to restrict file access by user.
2. I want to serve objects from zope to accomplish objective #1 above, but I want the objects to be in the filesystem.
You can do that with Zope, but reading between the lines a bit, these sound like static files you're serving.
The files will be updated nightly. The distinction between static files which are updated often and dynamic content has never been clear to me. The files are large so I don't want to stick them into the zope db.
If so, I'd recommend putting Apache in front of Zope and letting Apache handle it with a RewriteRule like:
RewriteRule ^/files/(.*) /home/httpd/mysite/files/$1 [L]
It doesn't get much easier than that. ;-)
True, but this option was rejected because there was no authentication. We could do a .htaccess thing, but we are already using zope and it already does users nicely.
Zope should (IMO) be used primarily for serving dynamic content. It's fantastic at what it does well, but it just doesn't hold a candle to Apache for serving static content... nor should it. They're two very different tasks.
I want to be able to say, "The contents of directory X are available only to user Y."
This isn't a great idea, for the most part. If you're looking for more than trivial security, I wouldn't volunteer information like that.
Hmm. I don't understand. Zope provides lots of control over users, roles and content. Are you saying I should ignore that framework and use something else? Zope's access control, users, passwords and SSL meet our needs. The only other thing I can think to do in this case is to issue SSL client certs to verify the user's identity. Users already access the content via https only and have no local access to the machine.
Cool domain name. :-)
Thanks, I can't take credit for that one. :) [PS: apache+ssl+zope+localfs seems to be doing the job nicely. It took me a few minutes this morning.] -- Ricardo Anguiano http://www.codesourcery.com
At 10:37 AM 3/4/2003, Ricardo Anguiano wrote:
The files will be updated nightly. The distinction between static files which are updated often and dynamic content has never been clear to me. The files are large so I don't want to stick them into the zope db.
To some degree that's an academic question. My $.02 would be that any content that remains static between updates is static, regardless of how often that process occurs. Content should be regarded as dynamic when it changes or works differently depending on state or environment.
If so, I'd recommend putting Apache in front of Zope and letting Apache handle it with a RewriteRule like:
RewriteRule ^/files/(.*) /home/httpd/mysite/files/$1 [L]
It doesn't get much easier than that. ;-)
True, but this option was rejected because there was no authentication. We could do a .htaccess thing, but we are already using zope and it already does users nicely.
True enough. It's possible to get Apache to do authorization and pass through authentication to Zope, but I've not tried it. One old reference that may help is here:

http://lugwash.washtenaw.cc.mi.us/linux-users/199907/0078.html

Obviously, you're probably not using Zope.cgi, but I expect that this can be adapted to VHM pretty easily. But this might not be the *easiest* solution for one-stop TTW management... localfs is probably that solution.
I want to be able to say, "The contents of directory X are available only to user Y."
This isn't a great idea, for the most part. If you're looking for more than trivial security, I wouldn't volunteer information like that.
Hmm. I don't understand. Zope provides lots of control over users, roles and content. Are you saying I should ignore that framework and use something else?
I'm suggesting that giving unauthorized people clues how to crack your security is a mistake in any environment... Zope included. But maybe I'm just paranoid. :-) Dylan
http://www.zope.org/Members/arielpartners/ExternalFile http://www.zope.org/Members/MacGregor/ExtFile http://sourceforge.net/projects/localfs
Questions:
Can anyone recommend one of these products over the other? Will they let me do what I describe? Are there products which are a better fit? Is there an easier/better way?
There's one angle I want to cover here that hasn't been done yet. I won't recommend any of these over the other (they've all worked fine for me in various capacities) but I will describe how they are different:

ExtFile/ExtImage simply stores its contents on the filesystem. Although you can find out where, you really shouldn't monkey with the repository. This is the product to use if you just want to keep things out of the ZODB and don't care about getting to things on the FS.

External File gets its data from a *specific* file on the filesystem. If you want a single file to live in Zope and on your FS, and to be manipulable from both, use this.

LocalFS (and yes, it is hard to find on zope.org) makes an entire specific directory visible in Zope as folderish objects and content. If you have a variable number of files to access, or want to publish a whole directory, and don't mind it being in its own folder, use this.

I suppose there's room in the list above for an ExtFolder product, which stores some tree of Zope objects on the FS somewhere. But perhaps mounting a Directory Storage does this. Academic anyway.

Also, if you ask me, using Zope's security mechanisms is a fine reason to put even mostly-static content under Zope control. There is good reason to let Apache serve static content, however: makes me think about how, say, a StaticApacheFile might work.

--jcc
On Tue, Mar 04, 2003 at 02:24:13PM -0600, J Cameron Cooper wrote:
I suppose there's room in the list above for an ExtFolder product, which stores some tree of Zope objects on the FS somewhere. But perhaps mounting a Directory Storage does this.
FYI, it does not. -- Paul Winkler http://www.slinkp.com
There is good reason to let Apache serve static content, however: makes me think about how, say, a StaticApacheFile might work.
I have to at this point mention FSCacheManager which takes an object from Zope and writes it out as a static file so in future hits it will be served as a static file from Apache. Not really the same thing and doesn't help the poster, but I think worth mentioning in a static file overview ;) -- Andy McKay
participants (6): Andy McKay, Dylan Reinhardt, Dylan Reinhardt, J Cameron Cooper, Paul Winkler, Ricardo Anguiano