[ZODB-Dev] Secure ZODB/ZEO channel
Ken Manheimer
klm@digicool.com
Fri, 25 May 2001 12:41:31 -0400 (EDT)
On Fri, 25 May 2001, Neil Schemenauer wrote:
> On Fri, May 25, 2001 at 12:17:01PM -0400, Ken Manheimer wrote:
> > There's one other thing to consider here, as well. ZEO can be run to talk
> > via a unix-domain socket (via the '-U' option - see the ZEO start.py
> > script). This seems to me to offer a nice, generic access path against
> > which to build a secure mediator of some sort.
>
> Alternatively, listen on 127.0.0.1.
Localhost is still accessible to people logged into the server host.
(While i would expect that substantial network services would have their
own host, someone mentioned this objection to localhost in the thread to
which my message was a belated response - i meant to address it, too...)
Ken