[Zope] Zope security management

The Famous Brett Watson famous@nutters.org
Wed, 21 Mar 2001 01:04:39 +1100


[Say 'hi' to the Zope newbie, everyone.]

I'd like to put in my 2c worth regarding the security management discussion
with particular reference to the encryption side of things, then I have a
small question.

Whilst it would be possible to do encrypted authentication with forms and
Javascript that does a one-way hash (like MD5) using a challenge-response
type of protocol, I agree with the previous poster who said that this would
not be worth it when SSL is an option.

SSL can be obtained (I believe) without the overhead of Apache by using an
SSL wrapper. There is a program available (it's in Debian, for example)
called "sslwrap" which negotiates SSL connections and then forwards the
unencrypted content somewhere else. If you forward to the local host, then
the unencrypted data does not travel over the network. The main disadvantage
here is that Zope thinks all such connections originate at the local host,
and your server logs become somewhat less interesting for that fact.

What I prefer to do personally, when remotely managing my site, is to use
SSH tunnels. I ssh to my Zope-box, then forward port 8080 to
127.0.0.1:zope-port at the other end. This also has the effect that all
connections appear to come from the local host, but I use this fact to
advantage. First, it allows me to filter out my own administrative accesses
from the server log with ease, leaving actual "customer page views" behind.
Second, as an added security measure I specify "localhost" as the domain for
my administrative account. This prevents anyone from accessing the account
without first gaining access via ssh.

My question: am I right in believing that "localhost" in the /domains/ field
of the user form has this effect? It seems to, but all the examples show
right-hand-parts of domains rather than hostnames.

Note that giving ignorant end-users ssh access does not mean you also have
to give them shell access. It's possible to launch them into a menu-driven
system, and the ssh tunnels will still work. Tera Term is a good free Win32
telnet client that has an ssh extension available for it.

Regards,
TFBW