[Zope] maintaining consistent security settings across cloned
sites
Paul Winkler
pw_lists at slinkp.com
Tue Aug 26 14:21:15 EDT 2003
On Tue, Aug 26, 2003 at 10:06:34AM -0700, Dennis Allison wrote:
>
> I'm looking for a tool that will help maintain security settings, having
> been burned a couple of times. What I need is:
>
> 1. A tool to traverse a site and build a database of security settings
> that must be set for each of the various roles. Ideally this would
> remove redundancies and, perhaps, raise warnings when settings look
> strange.
>
> 2. A tool to apply said database to a site which is similar but, perhaps,
> not identical in structure--that is, some extra folders(and enclosed
> material) might appear in one site and not in another.
>
> 3. It would be nice if the security settings database could be read and
> edited off-line so they could be reviewed and corrected as a unit.
>
> 4. It has to be able to handle proxies.
>
> 5. It has to be able to handle roles beyond the usual Anonymous,
> Authorized, Manager, and Owner. It's OK to demand that both sites have
> the same user defined roles.
>
> Anyone done anything like this?
Not me... #2 might be handled by an item on my TODO list for ZSyncer;
I need to be able to independently sync and examine various features of objects:
content, contained items, properties, security settings, DublinCore metadata.
Also need to take all this stuff into account for comparing whether items are "in sync".
Also need to provide features for viewing a comparison of each of these aspects
(so you could see e.g. what security settings are different).
However, your requirements 1, 3, and 4 would be out-of-scope for ZSyncer.
Also, this is probably a big job and i have no idea when i'll have anything working.
--
Paul Winkler
http://www.slinkp.com
Look! Up in the sky! It's THE RABID SATIRE!
(random hero from isometric.spaceninja.com)
More information about the Zope
mailing list