[Zope] future direction (was "problems with SiteRoot in Zope2.5.1")

Jack Coates jack@monkeynoodle.org
29 Jul 2002 21:05:27 -0700 

On Mon, 2002-07-29 at 14:31, Jim Penny wrote:
> On Mon, Jul 29, 2002 at 05:18:19PM -0400, Chris McDonough wrote:
> > I sympathize with this, it's a real job keeping up with Zope
> > developments.  But one person every couple of days locks themselves
> > out of their site using a SiteRoot, and runs screaming to this list.
> > ;-)  Evan or someone else usually talks them down from the tower in
> > gentle tones, but it's still... well, it's annoying.  This is why
> > VirtualHostMonsters are better.. they're inert unless you actually
> > use them.  And they do everything that SiteRoots do.
> > 
> > Personally, I want to nuke SiteRoots out of Zope but I don't think
> > it's going to happen (because lots of folks use and like them), so
> > no worries in any case.  They're going to stay around, probably
> > until the bits fall out of them.  We'll just need to prop Evan and a
> > couple of other folks up in front of their PCs 24x7 to deal with the
> > poor souls who innocently fill out a form and then find they can no
> > longer access any of their data. ;-)
> 
> How about a check to prevent them from being installed in Zope's root
> directory?  Then people could get to the undo tab without any real
> effort.
> 

This sounds like the sensible solution -- there's an AAA system in
place, so using it to prevent stupid things is better than removing the
useful tool that someone inadvertently does stupid things with. I read
the SiteRoot documentation and used it as directed and it worked. Can't
say the same for dtml-tree :-)

> It is kind of a pet peeve that there is not a section in the book about 
> "Best Practices"  (gad, I hate that term).  Anyway, it would seem to me
> to be a best practice that Zope's root be open only to your most trusted
> administrators, contain anything that is security conscious (database
> connectors spring to mind), and not contain anything that can lock you
> out of your site (siteroots, VHMs,  and third party user folders spring 
> to mind.)
> 

Hear hear.

> Jim Penny
> > 
> > - C
> > 
> 
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
> 
-- 
Jack Coates
Monkeynoodle: A Scientific Venture...