[Zope] www.oswg.org runs Zope?

[Tino Wildenhain]

Hi,

srl wrote:
> 
> Now, the fact that we can add /manage to any URL to edit the data seems
> like a potential security hole. all it would take to crack a Zope password
> would be running a password guesser with user 'superuser'. Or am I missing
> something here?
> 
I nice way is to disable all /manage - URLs for all hosts then
localhost.
Then use port-forwarding over ssh for editing the pages.
This is like ssl for the poors :-)

Regards
Tino Wildenhain