[ZODB-Dev] ZEO and Security
Jim Fulton
jim@digicool.com
Mon, 07 May 2001 16:04:25 -0400
Bill Anderson wrote:
>
> On 07 May 2001 11:06:20 -0700, Michel Pelletier wrote:
> > On 7 May 2001, Bill Anderson wrote:
> >
> > > On 07 May 2001 10:09:34 -0400, Chris McDonough wrote:
> > > > Ssh tunnelling is an effective workaround for now.
> > >
> > > Not really, as that just encrypts the traffic from the client. It does
> > > nothing to prevent, say, Bob from doing things he should do, such as
> > > messing around with Joe's data.
> >
> > Security is outside the domain of the database. ZODB does not know
>
> Since when??
Since I designed ZODB. I chose to make ZODB as small as possible
and require many features, such as security and indexing, to be
implemented at a higher level (the application level wrt ZODB,
which could still be an infrastructure level wrt some
"application").

I think that the problem you raise is a valid and interesting one.
I'm interested in seeing what ideas we can come up with to address
it.

Two general approaches come to mind:

- Build something that sits between ZODB and the application.
  For example, using an OO-RPC like CORBA or Pyro sort of takes
  this approach. I think that these ideas have some merit. It would
  be interesting to see how they play out in practice.

- Build a custom storage that implements *some* security model.
  It would have to work at the object/record level and would need
  authentication at the connection level. (We do need, eventually,
  to have the ability to authenticate ZEO connections.) This model
  would probably be much more coarse grained than Zope's, but far more
  fine grained than what you typically get with an RDBMS.

Jim
--
Jim Fulton mailto:jim@digicool.com Python Powered!
Technical Director (888) 344-4332 http://www.python.org
Digital Creations http://www.digicool.com http://www.zope.org
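
A sketch of the second approach in the message above (a storage that authenticates at the connection level and authorizes at the object/record level), added here as an example; it is not code from Jim Fulton, ZODB or ZEO. `SecuredStorage`, `DictStorage`, the HMAC challenge/response and the ACL layout are all assumptions, and `load`/`store` are simplified relative to the real ZODB storage interface.

```python
import hashlib
import hmac

class AccessDenied(Exception):
    """Raised on failed authentication or a denied record access."""

class DictStorage:
    """Stand-in for a real storage: maps oid -> record bytes."""
    def __init__(self):
        self._records = {}
    def load(self, oid):
        return self._records[oid]
    def store(self, oid, data):
        self._records[oid] = data

def client_proof(secret, nonce):
    # Client side: prove knowledge of the shared secret for this nonce.
    return hmac.new(secret, nonce, hashlib.sha256).digest()

class SecuredStorage:
    """Hypothetical wrapper, one instance per authenticated connection."""
    def __init__(self, base, secrets, acl, user, nonce, proof):
        # Connection-level authentication (challenge/response over a nonce;
        # a real server would issue a fresh random nonce per connection).
        expected = client_proof(secrets.get(user, b""), nonce)
        if user not in secrets or not hmac.compare_digest(expected, proof):
            raise AccessDenied("authentication failed")
        self._base, self._acl, self._user = base, acl, user
    def _check(self, oid, perm):
        # Record-level authorization; oids without an ACL entry are denied.
        if perm not in self._acl.get(oid, {}).get(self._user, ""):
            raise AccessDenied(f"{self._user} lacks {perm!r} on {oid!r}")
    def load(self, oid):
        self._check(oid, "r")
        return self._base.load(oid)
    def store(self, oid, data):
        self._check(oid, "w")
        self._base.store(oid, data)

def demo():
    # Constructed sample data: joe owns the record, bob may only read it.
    oid, nonce = b"\x00" * 7 + b"\x01", b"constructed-nonce"
    secrets = {"joe": b"joe-secret", "bob": b"bob-secret"}
    base, acl = DictStorage(), {oid: {"joe": "rw", "bob": "r"}}
    joe = SecuredStorage(base, secrets, acl, "joe", nonce, client_proof(b"joe-secret", nonce))
    bob = SecuredStorage(base, secrets, acl, "bob", nonce, client_proof(b"bob-secret", nonce))
    joe.store(oid, b"joe's data")
    try:
        bob.store(oid, b"tampered")  # denied: bob has "r" only
    except AccessDenied:
        return bob.load(oid)  # record is unchanged and still readable
```

Because the identity is bound to the wrapper when the connection is accepted, every later `load` and `store` is checked against that identity rather than against anything the client sends with the request.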