[ZODB-Dev] ZEO and Security

Jeremy Hylton jeremy@digicool.com
Mon, 7 May 2001 14:43:05 -0400 (EDT)


>>>>> "MP" == Michel Pelletier <michel@digicool.com> writes:

  MP> On 7 May 2001, Bill Anderson wrote:
  >> On 07 May 2001 10:09:34 -0400, Chris McDonough wrote:
  >> > Ssh tunnelling is an effective workaround for now.
  >>
  >> Not really, as that just encrypts the traffic from the client. It
  >> does nothing to prevent, say, Bob from doing things he should
  >> do, such as messing around with Joe's data.

  MP> Security is outside the domain of the database.  ZODB does not
  MP> know anything about Bob or Joe or any other object for that
  MP> matter, and it would be a pain to try and teach it (and probably
  MP> a bad idea in general) application level constraints like
  MP> security.

I don't agree.  There are a variety of security issues that ZODB
should probably address.  For ZEO, a minimum level of security is
controlling access to the database.  For any interesting application,
however, there needs to be some real access control machinery.
Something like Python's rexec, which can be used to force a client to
use an object's official interface, seems like the right place to
start.

On the whole, it seems like a big project.

Jeremy