[Zope] Important Security Concerns

Phil Harris phil.harris@zope.co.uk
Tue, 12 Sep 2000 13:14:55 +0100


Another option might be to proxy the Zope server through Apache on port 80.


----- Original Message -----
From: "Coleman, Bryan" <bcoleman@questcon.com>
To: <zope@zope.org>
Sent: Tuesday, September 12, 2000 12:43 PM
Subject: [Zope] Important Security Concerns


> I almost have my company convinced that Zope is the technology to use for
> our Intranet/Extranet. However they are very concerned with security. I
have
> proposed two security schemes that I would like zope community feed back
on
> for potential holes.
>
> Option A: Poke a hole through our firewall on the primary http port or on
> port 8080 to allow Zope pages through and then require authentication on
the
> first page.
>
> Option B: Set up a DMZ off the firewall to allow the same as the above.
>
> Any feed back would be welcome.
>
> - Bryan Patrick Coleman
>   Questcon Technologies
>   (336)273-2428 ext-416
>   bcoleman@questcon.com
>
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )