[ZODB-Dev] ZEO and Security
Bill Anderson
bill@libc.org
07 May 2001 16:00:20 -0600
On 07 May 2001 12:48:02 -0700, Michel Pelletier wrote:
> On 7 May 2001, Bill Anderson wrote:
>
> > On 07 May 2001 11:06:20 -0700, Michel Pelletier wrote:
>
> > > Security is outside the domain of the database. ZODB does not know
> >
> > Since when??
> >
> > Pretty much all RDBMS servers I've used have a security mechanism.
>
> I should have been more clear, as Jeremy pointed out, obviously access to
> the database itself should be constrained.
>
> > > If you want security like the Zope application enforces, then you need to
> > > either duplicate that security in your app (ugh) or just use Zope as the
> > > ZEO client. Zope's interfaces are now HTML, but there's no reason why
> > > they could not be some GUI framework. It sounds like what you are writing
> > > is more of a "ZODB-browser". Probably an easier task yes, but not as
> > > useful.
> >
> > Exactly, I don't want to go through and duplicate the Zope security
> > machinery, and the full extent of it is not even necessary. It seems
> > anathema to the OS mantra of code reuse. Why should everyone reimplement
> > database security for each app?
>
> Because different applications have different requirements.
Right, so provide a basic, optional auth mechanism, or at least the hooks
to have one. That way, since many apps will need nothing more than a
simple user/pass combo, and perhaps a groups-style qualifier, you cover
most of the basics. Those that need a more detailed security mechanism
can either replace or extend the one that is provided.
>
> > All we really need for basic security
> > (again, which is all that is being asked) is a hook, such that DB
> > access goes through it before being allowed to operate.
>
> I was under the impression that you were looking for object-level access
> controls. Which is what Zope implements in its security
As I said, that would be nice, but by no means required at this point.
Walk, then run. :) If I had a way to authenticate who _could_ use the
DB, then that is much better than nothing.
For an example, see my response to Jim.
> machinery. Implementing something similar in ZEO is possible, but as
> Jeremy also pointed out, a big project.
I agree. How hard would a simple challenge-response be?
I can put a user/pass setup into a storage, but have no way of forcing a
client to use it, since all the code is in the client. I'll have to kick
around some ideas I've had and see if any can be whipped into a better
format....
Bill
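The two points Bill raises above, a simple challenge-response and the problem that "all the code is in the client", fit together in one sketch: the secret check and the gate on storage calls both have to live on the server side, so a client that skips or fakes the handshake gets an error rather than data. The following is an added example written for this page, not code from ZEO, ZODB or Zope; the class and method names (UserDB, AuthenticatingStorageServer, begin_auth, finish_auth, client_response) are invented for illustration, the "storage" is a plain dict standing in for a real ZEO storage, and the user and password are constructed sample data. It uses PBKDF2 so the server never stores the password itself, HMAC over a fresh random nonce so the password never crosses the wire, and a constant-time comparison on the server.

```python
import hashlib
import hmac
import os
import secrets


class AuthError(Exception):
    """Raised when a client calls a storage method without a valid session."""


class UserDB:
    """Server-side credential store: username -> (salt, PBKDF2-derived key).

    Only the derived key is kept, so a leaked table does not yield passwords.
    (Hypothetical helper; ZEO has no such class.)
    """

    ITERATIONS = 100_000

    def __init__(self):
        self._users = {}

    @staticmethod
    def derive_key(password, salt, iterations=ITERATIONS):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)

    def add_user(self, username, password):
        salt = os.urandom(16)
        self._users[username] = (salt, self.derive_key(password, salt))

    def lookup(self, username):
        return self._users.get(username)


class AuthenticatingStorageServer:
    """Wraps a backing storage (here a dict) and refuses every storage call
    until the client has completed the challenge-response handshake.

    The gate is on the server, so client-side code cannot bypass it.
    """

    def __init__(self, backing_storage, userdb):
        self._storage = backing_storage
        self._userdb = userdb
        self._pending = {}          # session_id -> (username, nonce)
        self._authenticated = set()

    def begin_auth(self, username):
        """Step 1: server issues a fresh random challenge for this session."""
        record = self._userdb.lookup(username)
        # Issue a challenge even for unknown users so the reply alone does
        # not reveal whether the username exists.
        salt = record[0] if record else os.urandom(16)
        nonce = secrets.token_bytes(32)
        session_id = secrets.token_hex(16)
        self._pending[session_id] = (username, nonce)
        return session_id, salt, nonce

    def finish_auth(self, session_id, response):
        """Step 3: verify the client's HMAC over the nonce in constant time.

        The pending entry is consumed, so a captured response cannot be replayed.
        """
        username, nonce = self._pending.pop(session_id, (None, None))
        record = self._userdb.lookup(username) if username else None
        if record is None:
            return False
        expected = hmac.new(record[1], nonce, "sha256").digest()
        if hmac.compare_digest(expected, response):
            self._authenticated.add(session_id)
            return True
        return False

    def _require_auth(self, session_id):
        if session_id not in self._authenticated:
            raise AuthError("storage call before successful authentication")

    def load(self, session_id, oid):
        self._require_auth(session_id)
        return self._storage[oid]

    def store(self, session_id, oid, data):
        self._require_auth(session_id)
        self._storage[oid] = data


def client_response(password, salt, nonce):
    """Step 2: client proves it knows the password without sending it."""
    key = UserDB.derive_key(password, salt)
    return hmac.new(key, nonce, "sha256").digest()


def demo():
    """Constructed walk-through: a good login, a bad login and a bypass attempt."""
    db = UserDB()
    db.add_user("bill", "correct horse")          # constructed sample credentials
    server = AuthenticatingStorageServer({}, db)

    sid, salt, nonce = server.begin_auth("bill")   # honest client
    ok = server.finish_auth(sid, client_response("correct horse", salt, nonce))
    server.store(sid, b"\x00" * 8, b"pickled object")
    loaded = server.load(sid, b"\x00" * 8)

    sid2, salt2, nonce2 = server.begin_auth("bill")  # wrong password
    bad = server.finish_auth(sid2, client_response("wrong", salt2, nonce2))

    try:                                           # skips the handshake entirely
        server.load(sid2, b"\x00" * 8)
        bypassed = True
    except AuthError:
        bypassed = False
    return ok, loaded, bad, bypassed
```

Running demo() returns (True, b"pickled object", False, False): the authenticated session can store and load, the wrong password fails, and the session that never completed the handshake is refused by the server regardless of what the client code does. Transport encryption and object-level access control are out of scope here; this only shows the "who may use the DB at all" check that the thread asks for.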