On Wed, 2003-03-12 at 19:54, Christian Tismer wrote:
> Dear Zope community,
>
> please excuse my ignorance, but I am asked
> from time to time how secure or insecure
> Zope actually is, and I always have to say
> that I actually don't know.
>
> There are people claiming that Zope opens a system
>
[Christian Tismer]
> ...
> I don't mean to offend anybody by this, it is just
> a very simple question which I cannot answer alone.
There may be a simple question hiding in this, but it's hard to find .
You try: how secure is sendmail? how secure is ssh? how secure is Python?
Answer those simp
Tim Peters wrote:
[Christian Tismer]
...
I don't mean to offend anybody by this, it is just
a very simple question which I cannot answer alone.
There may be a simple question hiding in this, but it's hard to find .
You try: how secure is sendmail? how secure is ssh? how secure is Python?
Ans
On Wed, Mar 12, 2003 at 09:39:02PM -0500, Tres Seaver wrote:
> Now let me describe another configuraton, running in production now for
> years (one process in the cluster had an uptime of 400 days at a recent
> hardware-induced reboot):
>
> - Two Zope application servers run behind a load balanc
[Christian Tismer]
> ...
> p.s.: sendmail? ssh? Python?
> Security exploits are discussed in the bugtraq list.
> I can find them all in the list archive.
> What about Zope? It is not in bugtraq.
The obvious conclusion is that no security hole has ever been discovered in
Zope. Whether that's a *co
