[Zope-dev] RE: [Zope3-dev] How (in)secure is Zope?
Tim Peters
tim@ZOPE.COM
Thu, 13 Mar 2003 21:22:16 -0500
[Christian Tismer]
> ...
> p.s.: sendmail? ssh? Python?
> Security exploits are discussed in the bugtraq list.
> I can find them all in the list archive.
> What about Zope? It is not in bugtraq.
The obvious conclusion is that no security hole has ever been discovered in
Zope. Whether that's a *correct* conclusion I take no position on, just
that it's the obvious conclusion <wink>.
> I think the answers given on the list were quite
> useful, thanks to you all!
You're welcome. Don't forget that Zope's source is open, too: lots of
eyeballs have scanned it, so the potentially dangerous modes of operation
seem well-known in the community.