[Zope] scary security questions
Tres Seaver
tseaver@digicool.com
Fri, 12 May 2000 13:02:14 -0400
Paul Abrams <paulabrams@yahoo.com>
>
> We are putting our site up and have some questions about
> Zope security relating to one of Zope's biggest
> benefits...remote administration. If some kid obtained
> access to the manage screens he could...well you know :(
>
> 1) What prevents someone from getting into the manage
> screens by cracking the admin username:password? Are failed
> login attempts logged anywhere? If not, is there any way to
> log them short of hacking the zope python code?
This is an excellent suggestion. Would you please post it to the
Collector:
http://classic.zope.org:8080/Collector/developer_input
> 2) Is there any way to turn off the manage screens, or set
> them so that they can only be run locally?
When you create a user with 'Manager' role, you can set the domains /
IP addresses from which that user is allowed to log in.
> 5 er...3) Is there any way to run the manage screens on a
> different port than the rest of Zope? (i.e. not port 80)
> This would allow us to open/close that port in our firewall
> whenever we needed to access the manage screens remotely,
> or run it over a VPN.
SiteAccess plus Apache/SSL will do this for you.
>
> What are other people doing to protect themselves?
The 'superuser' is about to become almost useless for standard site
management (see the recent "Trojan" announcement for details). This is
a Good Thing(TM), as it will induce people to create "management" users,
which are much simpler to secure.
Tres.
--
=======================================================================
Tres Seaver tseaver@digicool.com http://www.zope.org
Digital Creations "Makers of Zope"
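An added example, not part of the original thread: the first question asks whether failed logins to the manage screens can be logged without changing Zope's own code. One way is to read the access log the server already writes and count HTTP 401 responses on management URLs per source address. The script below does that in Python; it assumes the log (Zope's Z2.log, or an Apache front end's access log) is in Common Log Format, and the "any path segment starting with `manage`" heuristic, the threshold of 3, and the sample log lines are all constructed for this illustration.

```python
import re
from collections import Counter

# Common Log Format: host ident user [time] "request" status bytes
# Assumption: the log being read uses this format.
CLF_RE = re.compile(
    r'^(?P<ip>\S+) (?P<ident>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)(?: (?P<proto>[^"]*))?" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Constructed sample lines; addresses come from documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [12/May/2000:13:01:01 -0400] "GET /manage HTTP/1.0" 401 221
192.0.2.10 - - [12/May/2000:13:01:03 -0400] "GET /manage HTTP/1.0" 401 221
192.0.2.10 - - [12/May/2000:13:01:05 -0400] "GET /manage HTTP/1.0" 401 221
192.0.2.10 - - [12/May/2000:13:01:07 -0400] "GET /manage HTTP/1.0" 401 221
10.1.2.3 - admin [12/May/2000:13:02:14 -0400] "GET /manage_main HTTP/1.0" 200 5123
203.0.113.7 - - [12/May/2000:13:03:00 -0400] "GET /index_html HTTP/1.0" 200 1802
203.0.113.7 - - [12/May/2000:13:03:30 -0400] "GET /Control_Panel/manage HTTP/1.0" 401 221
"""


def parse_line(line):
    """Parse one CLF line into a dict, or return None if it does not match."""
    m = CLF_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def is_manage_path(path):
    """Heuristic: a Zope management screen is any path segment starting with 'manage'."""
    path = path.split("?", 1)[0]
    return any(seg.startswith("manage") for seg in path.split("/"))


def failed_manage_logins(lines):
    """Count HTTP 401 responses on management screens, keyed by source address."""
    counts = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and rec["status"] == 401 and is_manage_path(rec["path"]):
            counts[rec["ip"]] += 1
    return counts


def flag_sources(lines, threshold=3):
    """Return (ip, count) pairs at or above the threshold, most active first."""
    hits = failed_manage_logins(lines)
    return sorted(((ip, n) for ip, n in hits.items() if n >= threshold),
                  key=lambda t: (-t[1], t[0]))


def successful_manage_logins(lines):
    """(ip, user) pairs where an authenticated user reached a management screen."""
    return [(rec["ip"], rec["user"])
            for rec in map(parse_line, lines)
            if rec and rec["user"] != "-" and rec["status"] == 200
            and is_manage_path(rec["path"])]


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines()
    for ip, n in flag_sources(lines):
        print(f"{ip}: {n} failed manage-screen logins")
    for ip, user in successful_manage_logins(lines):
        print(f"{user} reached the manage screens from {ip}")
```

Pointing the script at a real log (replace `SAMPLE_LOG.splitlines()` with the file's lines) gives a cheap audit of who is probing the manage screens and from where, which also feeds the per-user domain restriction mentioned in the reply: the `successful_manage_logins` output shows which addresses legitimate managers actually use.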