Hmm... My thought: on Win32, bind the TCP port to the loopback address. Since Win32 in _most_ cases is not a multi-user system, this would have the general effect of keeping this from being an issue (unless you ran terminal services on your Win32 server). This obviously doesn't solve security concerns for things like virus/worm/script issues, but I would think that on Windows, if you have that problem, this is the least of your concerns (since there is likely another way a script could attack your underlying storage).
On Unix, use a socket file and setup file permissions as you see fit... Surely, the appropriate action could be taken by a single startup script, based upon the platform? Sean -----Original Message----- From: Toby Dickenson [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 02, 2002 12:31 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: [Zope-dev] Integrating ZEO with Zope 2.7 On Wednesday 02 Oct 2002 8:03 pm, [EMAIL PROTECTED] wrote: > +1 +1 > IMHO, Zope releases should, in this scenario, be configured by default to > use a custom_zodb.py file with ClientStorage over a socket at startup, That is a tempting idea. Use of a TCP socket has security implications that make it a bad choice for a default, unless we implement mutual authentication. Use of a unix socket has the obvious problem that it wont work on windows. _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
