Tim Peters wrote:
[Christian Tismer]

I don't mean to offend anybody by this, it is just
a very simple question which I cannot answer alone.

There may be a simple question hiding in this, but it's hard to find <wink>.

You try:  how secure is sendmail?  how secure is ssh?  how secure is Python?
Answer those simple(?!) questions in the way you're looking for, and maybe
someone can do the same wrt Zope.  As is, you *appear* to be asking for a
one-word summary of an encyclopedia.  "Big" <wink>.

Hey, you're right. Maybe, by "simple question" I meant "short question", not necessarily easy to answer at all. :-)

For the sysadmin's POV, I think it should be formulated
If I install Zope, and I don't have the time to become
a Zope guru, what are the newly accumulated risks
for my system, if I use the default installation?

The biggest fear would probably be a number of known
exploits, and Joe Hacker just has to download some
of "those tools", and the system is open.
It appears that at least *that* is not the case.

I think the answers given on the list were quite
useful, thanks to you all!

cheers - chris

p.s.: sendmail? ssh? Python?
Security exploits are discussed in the bugtraq list.
I can find them all in the list archive.
What about Zope? It is not in bugtraq.

Christian Tismer             :^)   <mailto:[EMAIL PROTECTED]>
Mission Impossible 5oftware  :     Have a break! Take a ride on Python's
Johannes-Niemeyer-Weg 9a     :    *Starship* http://starship.python.net/
14109 Berlin                 :     PGP key -> http://wwwkeys.pgp.net/
work +49 30 89 09 53 34  home +49 30 802 86 56  pager +49 173 24 18 776
PGP 0x57F3BF04       9064 F4E1 D754 C2FF 1619  305B C09C 5A3B 57F3 BF04
     whom do you want to sponsor today?   http://www.stackless.com/

Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to