Re: [Zope-dev] How (in)secure is Zope?

2003-03-22 Thread Stuart Bishop
On Thursday, March 13, 2003, at 11:54 AM, Christian Tismer wrote: Dear Zope community, please excuse my ignorance, but I am asked from time to time how secure or insecure Zope actually is, and I always have to say that I actually don't know. From a sysadmin's point of view, it is roughly

Re: [Zope-dev] How (in)secure is Zope?

2003-03-15 Thread Christian Tismer
Jamie Heilman wrote: [snipped many good things] Generally, the more software you install, the more open to attack you are. If you don't need it, don't run it, and don't install it. Some Zope products may open up more avenues of exploit than others, that's why the admin should audit them before

Re: [Zope-dev] How (in)secure is Zope?

2003-03-15 Thread Jamie Heilman
Christian Tismer wrote: If you compare Zope's bug paranoia with Python's, would you say Zope is a bit less concerned, or there are not enough people being concerned to get things resolved? I don't really know, I don't follow Python all that closely. Though due to cgi.py's usage of tempfile.py I

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Lennart Regebro
My answer to this is: 1. Protecting yourself from your users: Zope's fine-grained access control means that you can set up access restrictions that do exactly what you want and let users do what they need, and prevents them from doing what they should not. Obviously you can also make everybody do

Re: [Zope3-dev] Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Steve Alexander
So I think we can reliably say that stock Zope is secure. An insecure product, on the other hand, opens up many possibilities, but that ought to be the subject of a different discussion. ...and if we do have that discussion, can it please be on [EMAIL PROTECTED], and not cross-posted to both

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Jamie Heilman
Lennart Regebro wrote: 5. Protecting yourself against denial of service: Zope does not seem to crash if you send random data to it, and I have in logs seen attempts to overflow buffers and the like that obviously are attempts to crash or break into other (MS) servers, without this affecting

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Toby Dickenson
On Thursday 13 March 2003 5:21 am, Shane Hathaway wrote: The only vulnerability would involve trusted users who want to vandalize Zope. So even though there have been many hotfixes, they are irrelevant--Zope is still secure. (Unless you can't trust your trusted users, which is a different

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Max M
Jamie Heilman wrote: In this sense Zope is again VERY secure. No it isn't. A statement like that without an argument is worthless in a discussion. You need to elaborate as we cannot read your mind and see what lies behind the statement. regards Max M

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Toby Dickenson
On Thursday 13 March 2003 9:25 am, Lennart Regebro wrote: 5. Protecting yourself against denial of service: Zope does not seem to crash if you send random data to it, and I have in logs seen attempts to overflow buffers and the like that obviously are attempts to crash or break into other (MS)

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Jamie Heilman
Max M wrote: A statement like that without an argument is worthless in a discussion. You need to elaborate as we cannot read your mind and see what lies behind the statement. My statement wasn't really aimed at you, sorry, I'm not playing fair. My statement was aimed at people who don't have

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Anthony Baxter
Jamie Heilman wrote: Without properly configured resource limits, it is trivial to use an exposed Zope instance to exhaust host resources. If this is a real risk for you, you should be using per-process limits to make sure that the host can't be completely destroyed. Sure, Zope will fall

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Shane Hathaway
On Thu, 13 Mar 2003, Toby Dickenson wrote: On Thursday 13 March 2003 5:21 am, Shane Hathaway wrote: The only vulnerability would involve trusted users who want to vandalize Zope. So even though there have been many hotfixes, they are irrelevant--Zope is still secure. (Unless you

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Joachim Werner
Christian Tismer wrote: Dear Zope community, please excuse my ignorance, but I am asked from time to time how secure or insecure Zope actually is, and I always have to say that I actually don't know. There are people claiming that Zope opens a system to quite some level, others claim the

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Chris McDonough
Hi Jamie, I'm wondering if you might consider applying for checkin privileges. The host header issue that you've uploaded several patches for is a bona fide problem for some users, but I think that most people with checkin privs feel that it isn't sufficiently dangerous to the majority of users

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Toby Dickenson
On Thursday 13 March 2003 2:33 pm, Chris McDonough wrote: Hi Jamie, I'm wondering if you might consider applying for checkin privileges. That's a good idea. The host header issue (Good catch on that bug btw) that you've uploaded several patches for is a bona fide problem for some users, but

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Chris McDonough
On Thu, 2003-03-13 at 10:26, Toby Dickenson wrote: I suspect most people with checkin privileges don't know about this problem, because it won't have been sent to the public mailman list. True. I really don't know which set of committers gets the security-related emails from that collector. I

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Steve Alexander
I suspect most people with checkin privileges don't know about this problem, because it won't have been sent to the public mailman list. Perhaps an email can be sent out saying Issue number 1234. Temporarily restricted pending security review. http://url.to.get.it.if.you.are.logged.in

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Chris McDonough
This is a good idea. I'll add an issue to the collector collector. - C On Thu, 2003-03-13 at 11:10, Steve Alexander wrote: I suspect most people with checkin privileges don't know about this problem, because it won't have been sent to the public mailman list. Perhaps an email can be

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Florent Guillaume
In article [EMAIL PROTECTED] you write: - Cross-scripting issues: I guess that some of those are still in the Zope Management Interface (which is not meant to be used by untrusted users in most cases), but Zope offers a lot of tools to make sure that it is hard to post malicious code in

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Martijn Pieters
On Thu, Mar 13, 2003 at 06:11:32PM +0100, Florent Guillaume wrote: In article [EMAIL PROTECTED] you write: - Cross-scripting issues: I guess that some of those are still in the Zope Management Interface (which is not meant to be used by untrusted users in most cases), but Zope offers

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Adrian van den Dries
On March 13, Lennart Regebro wrote: 2. Protecting yourself from packet snooping: Zope doesn't have any encryption built-in, SSL needs external software to implement for example. In this sense Zope can be MADE secure with some work, but is not secure at all out of the box. Speaking of

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Dave Hall
On Fri, Mar 14, 2003 at 09:19:55AM +1100, Adrian van den Dries wrote: On March 13, Lennart Regebro wrote: 2. Protecting yourself from packet snooping: Zope doesn't have any encryption built-in, SSL needs external software to implement for example. In this sense Zope can be MADE secure

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Jamie Heilman
Chris McDonough wrote: I'm wondering if you might consider applying for checkin privileges. I've considered it. I don't think you need any more cooks, maybe just a few more recipes. The host header issue that you've uploaded several patches for is a bona fide problem for some users, but I

Re: [Zope-dev] How (in)secure is Zope?

2003-03-13 Thread Chris McDonough
On Thu, 2003-03-13 at 22:09, Jamie Heilman wrote: Chris McDonough wrote: I'm wondering if you might consider applying for checkin privileges. I've considered it. I don't think you need any more cooks, maybe just a few more recipes. We have many recipes already. The host header issue

[Zope-dev] How (in)secure is Zope?

2003-03-12 Thread Christian Tismer
Dear Zope community, please excuse my ignorance, but I am asked from time to time how secure or insecure Zope actually is, and I always have to say that I actually don't know. There are people claiming that Zope opens a system to quite some level, others claim the opposite. Can someone please

Re: [Zope-dev] How (in)secure is Zope?

2003-03-12 Thread Adrian van den Dries
On March 13, Christian Tismer wrote: please excuse my ignorance, but I am asked from time to time how secure or insecure Zope actually is, and I always have to say that I actually don't know. How secure is your wallet? You will never answer this until you define what you mean by security,

Re: [Zope-dev] How (in)secure is Zope?

2003-03-12 Thread Jamie Heilman
Christian Tismer wrote: please excuse my ignorance, but I am asked from time to time how secure or insecure Zope actually is, and I always have to say that I actually don't know. That's a good answer. Another one you might consider is, 2 liters because there is no simple answer to that

Re: [Zope-dev] How (in)secure is Zope?

2003-03-12 Thread Christian Tismer
Adrian van den Dries wrote: On March 13, Christian Tismer wrote: please excuse my ignorance, but I am asked from time to time how secure or insecure Zope actually is, and I always have to say that I actually don't know. How secure is your wallet? I won't tell you (since this is insecure:). You

Re: [Zope-dev] How (in)secure is Zope?

2003-03-12 Thread Jamie Heilman
Christian Tismer wrote: This is quite a silly argument, IMHO. No it's not, you can't give exact answers to inexact questions with no prior understanding of how much foreknowledge the audience has. Especially when you're talking about security. It is simple: Do I increase the possibility of

Re: [Zope-dev] How (in)secure is Zope?

2003-03-12 Thread Shane Hathaway
On 03/12/2003 07:54 PM, Christian Tismer wrote: Dear Zope community, please excuse my ignorance, but I am asked from time to time how secure or insecure Zope actually is, and I always have to say that I actually don't know. There are people claiming that Zope opens a system to quite some level,