[Zope] Zope application offline - how to apply a license
ptotection?
Jaroslav Lukesh
lukesh at seznam.cz
Wed Aug 13 21:55:20 EDT 2003
> Odesнlatel: Anton Zubenko <zanton at axystem.com>
> Our company is developing an application, supposed to be run under
dedicated
> zope server, placed offline in our customers corporate environment and
> requested via LAN.
> What would be the right way to protect this mechanism from hacking,
provied
> that zope is an open-source platform, so any code is hypothetically
> accessable by the customer and apllication is run completely offline with
no
> intercation with our information system?
>
> The required level of protection is not really high, but we need to be
safe
> from attempts to hack the application by modest programmers at least.
1. use dedicated server with crypted FS (eg., Linux), does not share ANY
passwords.
2. does not allow to users gone above specified hierarchy of folders.
3. disable for all other access than "view" all DTML Methods and
code-critical DTML documents.
etc...
Regards JL.
More information about the Zope
mailing list