+-------[ Nigel Head ]----------------------
| Hi Andrew!
| 
| On Fri, 01 Sep 2000, you wrote
| ...
| > I saw people asking about building 'admin' systems using Zope, this isn't
| > going to be trivially possible without super user privs.
| 
| That people was me. Having looked into things a little further (but not
| actually started the admin tool yet due to "day job" pressures) I've decided
| to go the route (root?!) of using something like 'sudo' or 'runas'  which
| allow you to provide a selection of suid scripts and specify which users are
| allowed to run them (zope, in my case, I suppose).
| 
| I'm still considering the relative merits of using a sort of 'quarantine'
| file/database where zope will dump requests to do things and a cron job will
| poll it periodically to grab things out again and execute them.
| 
| As I wrote that,  I realise dthat it would be interesting to see if that file
| couldn't be made a ZODB storage so I could transfer
| structured information 'tween Zope and a python admin backend; perhaps make it
| a mountable storage from the zope point of view? This would have the added
| advantage of a little mild 'security through obscurity' for the file format for
| casual hackers who may get near to it one day ...

You are intrinsically reducing the platforms your software will run on as
soon as you start trying to use external programs. If you only care about 
Linux, then that's all well and good.

If you have a transaction database for polling, you may as well run
another Zope as root, that only listens on the loopback device, and post
the transactions into the root zope across SSL. At least that way you can
share code.

At least if you stick with the python API, you can cover most of the
platforms that python covers.

-- 
Totally Holistic Enterprises Internet|  P:+61 7 3870 0066   | Andrew Milton
The Internet (Aust) Pty Ltd          |  F:+61 7 3870 4477   | 
ACN: 082 081 472 ABN: 83 082 081 472 |  M:+61 416 022 411   | Carpe Daemon
PO Box 837 Indooroopilly QLD 4068    |[EMAIL PROTECTED]| 

_______________________________________________
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to