[Zope-dev] Integrating ZEO with Zope 2.7
Guido van Rossum
guido@python.org
Wed, 02 Oct 2002 16:10:40 -0400
> > IMHO, Zope releases should, in this scenario, be configured by default to
> > use a custom_zodb.py file with ClientStorage over a socket at startup,
>
> That is a tempting idea.
>
> Use of a TCP socket has security implications that make it a bad
> choice for a default, unless we implement mutual authentication.
>
> Use of a unix socket has the obvious problem that it wont work on windows.
What about using localhost? I'm not sure, but it seems to me that
localhost cannot be connected to from outside the machine. On Unix, a
Unix socket is the best idea; on Windows, localhost would prevent
access from outside the machine, and Windows boxes typically have only
one user, so I'm not concerned about internal attackers.
--Guido van Rossum (home page: http://www.python.org/~guido/)