[Zope] Major security flaw in Zope 2.3.2

sean.upton@uniontrib.com sean.upton@uniontrib.com
Wed, 06 Jun 2001 14:05:06 -0700


I've never heard of putting squid _between_ apache and ZServer, but why not
put squid on the outside of your system as to not create extra latency?

I think squid is much more advanced than mod_proxy in terms of caching
options and raw speed.  I am currently setting up a ZEO cluster with nodes
running ZServer sitting behind a pair of load-balanced squid caches (the ZEO
nodes are also balanced by squid's round-robin features).  I am also putting
ZServer behind mod_proxy for internal use, so I will have the ability at
some point to one day comparatively benchmark all of these.

If at some point, I do get around to it, I'll post results to the list.

Sean

-----Original Message-----
From: Ragnar Beer [mailto:rbeer@uni-goettingen.de]
Sent: Wednesday, June 06, 2001 1:04 PM
To: zope@zope.org
Subject: Re: [Zope] Major security flaw in Zope 2.3.2


I never thought of having Squid between Apache and Zope
but it sounds very interesting. What's the advantage over
mod_proxy?

Ragnar

>I use....
>
>Apache -> Squid -> Zope
>
>...with negligible additional latency at moderate loads.
>
>
>Toby Dickenson

_______________________________________________
Zope maillist  -  Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )