[Zope-dev] RE: [Zope] ZDESIGN IDEAS = How to improve 'manage' ?

Mohan Baro mcbaro@uwimona.edu.jm
Tue, 9 Jan 2001 15:14:59 -0500


My view is that as a sysadmin, I rather give ZOPE superuser/manager the
ability install products through ZOPE, rather than giving them access to the
OS.

Another view I have is that I do not want my developers to think about which
platform they are working on.

ZOPE runs on a variety of OSes and each one of then have their own way of
providing file/directory security (or no security win9x). Zope should rely
on its own security for its products.

..........IMHO

Mohan



-----Original Message-----
From: Martijn Pieters [mailto:mj@zopatista.com]On Behalf Of Martijn
Pieters
Sent: Tuesday, January 09, 2001 9:42 AM
To: Mohan Baro
Cc: Jason Cunliffe; zope@zope.org; zope-dev@zope.org
Subject: Re: [Zope] ZDESIGN IDEAS = How to improve 'manage' ?


On Mon, Jan 08, 2001 at 12:18:37PM -0500, Mohan Baro wrote:
> Are you planning a manage_install for products?
> The ability for superusers to install complelte products directly through
> the management interface, no need for ftp.
> similar to import/export feature

I hope not!

Anyone gaining management access to your Zope server will be
able to install arbitrary products on your server and gain access to the
file system.

There is a strict dividing line between the file system and the ZMI,
allowing installation through the web interface will cross that line with
one giant step.

--
Martijn Pieters
| Software Engineer  mailto:mj@digicool.com
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
---------------------------------------------

_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )