[Zope] - Authenication problems when on webhost?

Paul Everitt Paul@digicool.com
Wed, 9 Dec 1998 07:29:08 -0500


Jimmie writes:
> Michel wrote:
> >import os
> >while 1:
> >	os.fork()
> >
> >A trivial fork bomb, but there are a million others.  Please 
> don't mistake my
> >comment as a request to start a discussion on hack techniques.
> 
> Ah, security risks. Being a naive end-user who is not a 
> security risk, who
> is not accustomed to thinking about malicious users. It is 
> something I will
> have to learn though. :(

This is something we need to point out when talking about all the
various facilities for creating applications.  While there is a tendency
to leap straight to Python, there are advantages to the facilities of
DTML scripting, the Lever, and Classes.

In this case, since DTML works pretty hard to disallow or prevent
various ways to hose a process and/or machine, it is more trustworthy
than straight Python.

--Paul