[Zope] Important Security Concerns
Coleman, Bryan
bcoleman@questcon.com
Tue, 12 Sep 2000 08:31:52 -0400
That would cause another whole set of problems, unless apache is inherity
more secure than Medusa. I was really wondering what the risks are
associated with those two options.
- Bryan Patrick Coleman
Questcon Technologies
(336)273-2428 ext-416
bcoleman@questcon.com
> -----Original Message-----
> From: Phil Harris [SMTP:phil.harris@zope.co.uk]
> Sent: Tuesday, September 12, 2000 5:15 AM
> To: Coleman, Bryan; zope@zope.org
> Subject: Re: [Zope] Important Security Concerns
>
> Another option might be to proxy the Zope server through Apache on port
> 80.
>
>
> ----- Original Message -----
> From: "Coleman, Bryan" <bcoleman@questcon.com>
> To: <zope@zope.org>
> Sent: Tuesday, September 12, 2000 12:43 PM
> Subject: [Zope] Important Security Concerns
>
>
> > I almost have my company convinced that Zope is the technology to use
> for
> > our Intranet/Extranet. However they are very concerned with security. I
> have
> > proposed two security schemes that I would like zope community feed back
> on
> > for potential holes.
> >
> > Option A: Poke a hole through our firewall on the primary http port or
> on
> > port 8080 to allow Zope pages through and then require authentication on
> the
> > first page.
> >
> > Option B: Set up a DMZ off the firewall to allow the same as the above.
> >
> > Any feed back would be welcome.
> >
> > - Bryan Patrick Coleman
> > Questcon Technologies
> > (336)273-2428 ext-416
> > bcoleman@questcon.com
> >
> >
> > _______________________________________________
> > Zope maillist - Zope@zope.org
> > http://lists.zope.org/mailman/listinfo/zope
> > ** No cross posts or HTML encoding! **
> > (Related lists -
> > http://lists.zope.org/mailman/listinfo/zope-announce
> > http://lists.zope.org/mailman/listinfo/zope-dev )