[Zope-dev] root ZServer

Alan Milligan alan at balclutha.org
Wed Jan 19 01:04:53 EST 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andreas Jung wrote:

| There is zero need to relax this requirement. You only have to start
| Zope as root
I just explained you cannot start as root ...

| to get port 80 but it is in general not a good idea for *any* service to
| run
| as root for security reasons. So there is absolutely no reason to *not*
| changing
| the the uid of the process to a user with less permissions.
Says you!!

I happen to be using zope to wrap a number of excellent Python rpm
packaging scripts/modules (eg yum, mach), and as part of this process,
need to do rpm package installs from the zope server which obviously
requires root access.

I see no reason why I should be penalised for using the excellent
workflow features of Zope in a system programming environment.

If Zope is to be useful to the widest cross community, we really MUST
stop this 'we know best' attitude and allow people at the coalface to
override default behaviour as only they are in a position to evaluate
the appropriateness of the 'security reasons'.

How about a 'yes' response this time.

Alan

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFB7fiFCfroLk4EZpkRAoDZAJ40UveUjpBGyN0/1VnUmZUQz0GctgCfa+R1
tvE2RP5DNwa2IlEmMmX2l0g=
=JNQg
-----END PGP SIGNATURE-----


More information about the Zope-Dev mailing list