[Zope] root privileges required
Vangelis Mihalopoulos
mihalop at VTrip.NET
Tue Jul 27 13:22:29 EDT 2004
Chris McDonough wrote:
>I hate it when people "nanny" me about doing things that are possible
>but outside of the scope of normal usage, so I hesitate to warn you
>about this. But I still feel compelled to warn you that running Zope as
>root is not advisable; while there have been no known remote exploits of
>Zope that allow an intruder any form of filesystem access, obviously
>it's possible, so running as root is potentially quite dangerous.
>
>
Well, i agree with you. But, still, using suid python scripts for half
of my app is a problem... believe me, it will be much easier for someone
to find a security flaw in my app than is Zope... :)
More information about the Zope
mailing list