[Zope] ZServer security question
Tue, 25 Jun 2002 13:58:13 -0400
I've seen some people advise not placing a ZServer server directly
accessible on the Internet due to security concerns. I guess the
recommended practice is to front the Zope service via Apache, et al. I have
no great objection to this but I'd like to know more about why. Zope,
itself, appears to this newbie to be reasonably secure with the user_acl
stuff built in. Are appearances deceiving?