[ZODB-Dev] Python RPC

Mon, 28 May 2001 20:26:39 +0100

> So if you've been scared off from CORBA because of it's difficult to use,
> welcome to O-P;

Not difficult to use, just difficult to remember ;-) I used to write
Java-CORBA apps using the freely available ORB, but it never really worked
out :-S

> code to make a fully distributed app is _trivial_ and
> works very well. I'd like to see more users, and we host #ORBit-Python on
> the OPN if people want real-time support on it. I'd tell people looking to
> consider it as a very decent alternative.

Cool, I'll pop by and say 'hi' next time I'm properly online.

Hmmm... been stewing on this over the weekend and I think I've said it
already but what I'm really looking at is a secure transport layer into a
RestrictedPython ZEO connection of a Zope server.

Basically, ZEO is cool, but insecure. You can't implement security on the
client side because your clients can then be hacked and the security
removed.
So, I think that means you need to do security on the server side where
you're clients can't futz, which I think leaves:

Client Python Environment
          |
          ^
   secure transport
          ^
          |
 Server Python Environment
          |
RestrictedPython Environment
          |
     ZEO Connection

Is this possible? Does it make sense? If so, is there anything already out
there that will take care of any of the layers?

The end aim would be to be able to do something like the following on the
client:

app = ServerConnection.get('app')
for id in app.objectIds():
  print id

...in a restricted python environment where Zope's security assertions are
respected.

Hurm... hope some of this makes sense...

help! ;-)

Chris