Hmm... My thought: on Win32, bind the TCP port to the loopback address.
Since Win32 in _most_ cases is not a multi-user system, this would have the
general effect of keeping this from being an issue (unless you ran terminal
services on your Win32 server).  This obviously doesn't solve security
concerns for things like virus/worm/script issues, but I would think that on
Windows, if you have that problem, this is the least of your concerns (since
there is likely another way a script could attack your underlying storage).

On Unix, use a socket file and setup file permissions as you see fit...

Surely, the appropriate action could be taken by a single startup script,
based upon the platform?


-----Original Message-----
From: Toby Dickenson [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 02, 2002 12:31 PM
Subject: Re: [Zope-dev] Integrating ZEO with Zope 2.7

On Wednesday 02 Oct 2002 8:03 pm, [EMAIL PROTECTED] wrote:
> +1


> IMHO, Zope releases should, in this scenario, be configured by default to
> use a file with ClientStorage over a socket at startup,

That is a tempting idea.

Use of a TCP socket has security implications that make it a bad choice for
default, unless we implement mutual authentication.

Use of a unix socket has the obvious problem that it wont work on windows.

Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to