[Zope-dev] Integrating ZEO with Zope 2.7

[sean.upton@uniontrib.com]

Hmm... My thought: on Win32, bind the TCP port to the loopback address.
Since Win32 in _most_ cases is not a multi-user system, this would have the
general effect of keeping this from being an issue (unless you ran terminal
services on your Win32 server).  This obviously doesn't solve security
concerns for things like virus/worm/script issues, but I would think that on
Windows, if you have that problem, this is the least of your concerns (since
there is likely another way a script could attack your underlying storage).

On Unix, use a socket file and setup file permissions as you see fit...

Surely, the appropriate action could be taken by a single startup script,
based upon the platform?

Sean

-----Original Message-----
From: Toby Dickenson [mailto:tdickenson@geminidataloggers.com]
Sent: Wednesday, October 02, 2002 12:31 PM
To: sean.upton@uniontrib.com; guido@python.org; zope-dev@zope.org
Subject: Re: [Zope-dev] Integrating ZEO with Zope 2.7


On Wednesday 02 Oct 2002 8:03 pm, sean.upton@uniontrib.com wrote:
> +1

+1

> IMHO, Zope releases should, in this scenario, be configured by default to
> use a custom_zodb.py file with ClientStorage over a socket at startup,

That is a tempting idea.

Use of a TCP socket has security implications that make it a bad choice for
a 
default, unless we implement mutual authentication.

Use of a unix socket has the obvious problem that it wont work on windows.