[Zope-Checkins] SVN: Zope/branches/Zope-2.8/doc/ Playing with
branches some more
Jim Fulton
jim at zope.com
Mon May 10 15:46:29 EDT 2004
Log message for revision 24357:
Playing with branches some more
-=-
Deleted: Zope/branches/Zope-2.8/doc/SECURITY.txt
===================================================================
--- Zope/branches/Zope-2.8/doc/SECURITY.txt 2004-05-10 19:43:08 UTC (rev 24356)
+++ Zope/branches/Zope-2.8/doc/SECURITY.txt 2004-05-10 19:46:28 UTC (rev 24357)
@@ -1,85 +0,0 @@
-Setting the initial user name and password
-
- Because Zope is managed through the web, user names and passwords must be
- used to assure that only authorized people can make changes to a Zope
- installation.
-
- Some user name and password is needed to "bootstrap" the creation of
- normal managers of your Zope site. This is accomplished through the
- use of the file 'inituser'. The first time Zope starts, it will detect
- that no users have been defined in the root user folder. It will search
- for the 'inituser' file and, if it exists, will add the user defined
- in the file to the root user folder.
-
- Normally, 'inituser' is created by the Zope install scripts. Either
- the installer prompts for the password or a randomly generated
- password is created and displayed at the end of the build script.
-
- You can use the 'zpasswd.py' script to create 'inituser' yourself.
- Execute 'zpasswd.py' like this::
-
- python zpasswd.py inituser
-
- The script will prompt you for the name, password, and allowed
- domains. The default is to encode the password with SHA, so please
- remember this password as there is no way to recover it (although
- 'zpasswd.py' lets you reset it.)
-
- In some situations you may need to bypass normal security controls
- because you have lost your password or because the security settings
- have been mixed up. Zope provides a facility called an "emergency
- user" so that you can reset passwords and correct security
- settings.
-
- The emergency user password must be defined outside the application
- user interface. It is defined in the 'access' file located
- in the Zope directory. It should be readable only by the user
- as which your web server runs.
-
- To create the emergency user, use 'zpasswd.py' to create the
- 'access' file like this::
-
- python zpasswd.py access
-
- In order to provide a somewhat higher level of security, various
- encoding schemes are supported which provide access to either SHA-1
- encryption or the standard UNIX crypt facility if it has been compiled
- into Python. Unless you have some special requirements (see below),
- you should use the SHA-1 facility, which is the default.
-
-Format of 'inituser' and 'access'
-
- A password file should consist of a single line of the form:
-
- name:password
-
- Note that you may also add an optional third component to the line
- in the access file to restrict access by domain.
- For example, the line:
-
- mario:nintendoRules:*.mydomain.com
-
- in your 'access' file will only allow permit emergency user access
- from *.mydomain.com machines. Attempts to access the system from
- other domains will fail, even if the correct emergency user name
- and password are used.
-
- Please note that if you use the ZServer monitor capability, you will
- need to run with a clear text password.
-
-Setting permissions on the var directory.
-
- You need to set permissions on the Zope var directory.
- Zope needs to read and write data from its var directory. Before
- running Zope you should ensure that you give adequate permissions
- to the Zope var directory for the userid Zope will run under.
-
- Depending on how you choose to run Zope you will need to give
- different permissions to the var directory. If you use Zope with an
- existing web server, it will probably run Zope as 'nobody'. In this
- case 'nobody' needs read and write permissions to the var directory.
-
- If you change the way you run Zope you may need to modify the permissions
- of the var directory and the files in it to allow Zope to read and write
- under its changed userid.
-
Modified: Zope/branches/Zope-2.8/doc/ZEO/trace.txt
===================================================================
--- Zope/branches/Zope-2.8/doc/ZEO/trace.txt 2004-05-10 19:43:08 UTC (rev 24356)
+++ Zope/branches/Zope-2.8/doc/ZEO/trace.txt 2004-05-10 19:46:28 UTC (rev 24357)
@@ -124,3 +124,5 @@
The simul.py tool shows the number of cache flips in the FLIPS column.
If you see more than one flip per hour the cache may be too small.
+
+blah blah
More information about the Zope-Checkins
mailing list