[ZODB-Dev] ZEO signal feature
Christian Reis
kiko@async.com.br
Mon, 23 Sep 2002 15:53:30 -0300
On Mon, Sep 23, 2002 at 02:35:47PM -0400, Guido van Rossum wrote:
> > We assume that the server itself is secure (and for local apps, that the
> > permissions on the .fs file only allow access through the ZEO), which is
> > in our opinion perfectly acceptable, and simplifies things a lot.
>
> What do you mean by "the server itself is secure"? Anyone who can
> make a TCP connection to your ZEO server can connect to it. This is
> why we recommend running ZEO only inside a firewall.
I mean that, in the case of the server being hacked, the authentication
can be easily disabled (as it relies on a custom ZEO class being used).
I guess this is pretty much a given in any server-side access control
mechanism (though perhaps some sort of self-validation technique could
be used if a hardware key or something external was used.)
Yep, the ZEO can be connected to by anybody; a valid Storage is only
obtainable, however, if user authentication succeeds.
Anyone have an opinion about *where* the username/passwords should be
stored? As far as I'm concerned, the ZODB is the place to put them.
We're using a hardcoded dictionary (I know, I know, it's a test) in our
test, but as soon as we decide on a place/key to store it and a way to
access it, we'll move it.
Opinions?
[I've tried warning Johan about the spaces before function names. He
never listens.]
Take care,
--
Christian Reis, Senior Engineer, Async Open Source, Brazil.
http://async.com.br/~kiko/ | [+55 16] 261 2331 | NMFL
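Added illustration, not code from this thread or from ZEO itself: a Python sketch of the check the message describes, where a client only obtains a Storage after user authentication succeeds, with the hardcoded plaintext dictionary replaced by a table of salted PBKDF2 digests (the form such a table could take once it lives in the ZODB). `AuthenticatingServer`, `make_record` and the sample users are hypothetical names.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # PBKDF2 work factor; raise as hardware allows


def make_record(password, salt=None):
    """Build a credential record: random salt + PBKDF2-HMAC-SHA256 digest.
    The plaintext password is never stored."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    return {"salt": salt, "digest": digest}


# Constructed sample table; in the scheme discussed it would be stored in the ZODB.
CREDENTIALS = {
    "alice": make_record("correct horse battery staple"),
    "bob": make_record("hunter2"),
}


class AuthenticatingServer:
    """Hypothetical stand-in for a custom ZEO server class (not ZEO's real API)."""

    def __init__(self, credentials, storage):
        self._credentials = credentials
        self._storage = storage  # whatever handle a client receives on success

    def open_storage(self, username, password):
        """Return the storage only if the credentials verify; otherwise None."""
        record = self._credentials.get(username)
        # Unknown users are checked against a dummy record so that the cost of
        # a failed login does not reveal which usernames exist.
        salt = record["salt"] if record else b"\x00" * 16
        expected = record["digest"] if record else b"\x00" * 32
        actual = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
        ok = hmac.compare_digest(actual, expected)  # constant-time comparison
        if record is not None and ok:
            return self._storage
        return None


if __name__ == "__main__":
    server = AuthenticatingServer(CREDENTIALS, storage="<FileStorage handle>")
    print(server.open_storage("alice", "correct horse battery staple"))  # the handle
    print(server.open_storage("alice", "wrong password"))                # None
    print(server.open_storage("mallory", "hunter2"))                     # None
```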