[Zope] Zope+Python source-code security
Pawel Lewicki
lewicki@provider.pl
Mon, 29 Apr 2002 23:32:28 +0200
> All you need to do is copy the zope directory, run zpasswd.py on the new
> zope instance, start it up on a new machine or new port, and they can
> see anything in the ZODB that they want to. They wouldn't have the
> ability to modify the Zope that you provided, at least without you
> knowing that the password changed, but I don't know if that matters.
>
> Sorry, I know that's not the answer you wanted.
:) You're right. Will it be the same with a folder with unchecked "Acquire
permission settings" and no user folder?
> What will you use if you don't use Zope?
The task is to build an application with www front-end building structure in
xml (not necessarily) and building dynamic sql queries. It should run on
many platforms (Windows/Unix). I have no experience with scripting languages
except for VB so the effort taken to get experience with any chosen platform
would be comparable. The problem is that the number of supported solutions
given in Python and Zope would allow to focus on software architecture not
low level programming.
What would you suggest?
Pawel Lewicki