[Zope-dev] How (in)secure is Zope?

[Jamie Heilman]

Lennart Regebro wrote:
> 5. Protecting yourself against denial of service:
> Zope does not seem to crash if you send random data to it, and I
> have in logs seen attemps to overflow buffers and the like that
> obviously are attempt to crash or break in to other (MS) servers,
> without this affecting Zope at all. If you don't trust Zope in this,
> you can put Apache in front of it.
> 
> In this sense Zope is again VERY secure.

No it isn't.


(somewhere far in the distance Rainer Wolfcaststle is heard crying,
"My RAM!  The proxies, they do nothing!")