[Zope] Major security flaw in Zope 2.3.2

Toby Dickenson tdickenson@geminidataloggers.com
Mon, 11 Jun 2001 10:27:43 +0100


On Thu, 07 Jun 2001 12:59:29 -0700, sean.upton@uniontrib.com wrote:

So you have....
                         /---> PHP
            /---> Apache+----> Filesystem
----> Squid+----> Zope =20
            \---> Others?

Where I have.....

             /----> Filesystem
----> Apache+-----> Squid -----+-> Zope
             \----------------/

>You can just use a squid external redirector (jesred, pyredir, squirm, =
or
>custom) to get the same kind of thing out of Squid as you would expect =
from
>mod_rewrite; then, that means you are using the same mechanism for Zope
>virtual hosts as you are for URL rewriting.  I'm not sure if Apache buys=
 one
>anything more in the rewrite dept.

You are right that mod_rewrites capabilities are equivalent to a squid
redirector. My configuration actually uses a squid redirector anyway
(to dispatch between different Zope servers) so I am paying double the
performance penalty :-(



Toby Dickenson
tdickenson@geminidataloggers.com