SecureZEO rehash, was Re: [ZODB-Dev] ZEO signal feature

Tim Hoffman timhoffman@cams.wa.gov.au
24 Sep 2002 16:06:37 +0800


Hi Toby

In my case that approach was in sufficient. I needed to 
ensure that some ZEO clients can not write to the ZODB, 
and iptables doesn't look at zope-rpc calls so it can't say
whoa there, you can't write. All it can do is say you can or can't
connect.

Tim


On Tue, 2002-09-24 at 15:20, Toby Dickenson wrote:
> On Tuesday 24 Sep 2002 1:56 am, Tim Hoffman wrote:
> 
> > I have been doing IP based access control with ZEO for quite some time
> > now,
> 
> I do this using iptables in linux.
> 
> No need to patch ZEO. And theres no worry about the possibility of ZEO having 
> a security hole in or before your address-checking code.
>