[ZODB-Dev] ZEO and Security

[Jeremy Hylton]

>>>>> "JC" == Jason Cunliffe <jasonic@nomadicsltd.com> writes:

  JC> "Jeremy Hylton" <jeremy@digicool.com> wrote:
  >> I don't agree.  There are a variety of security issues that ZODB
  >> should probably address.  For ZEO, a minimum level of security is
  >> controlling access to the database.  For any interesting
  >> application, however, there needs to be some real access control
  >> machinery.  Something like Python's rexec, which can be used to
  >> force a client to use an object's official interface, seems like
  >> the right place to start.
  >>
  >> On the whole, it seems like a big project.

  JC> hmm... Wondering if one could embed PYRO to manage a ZEO
  JC> security system?

How does PYRO help us solve the security problem?  ZEO already has a
simple remote method invocation mechanism.

Jeremy