[WF-Infra] What next

kosh at aesaeion.com kosh at aesaeion.com
Sat Jun 23 15:53:07 PDT 2001

On Sat, 23 Jun 2001, Bob Racko wrote:

<stuff not related to ZOPE snipped>
>             NO ZOPE? WHY NOT?
> Its not a wiki-loyalty thing.  I am probably the most mercenary of any of
> us.  I may
> author wiki but I have moved on to write wiki capabilities over into other
> languages/systems.
> The perl one is indeed sluggish in a stock configuration where apache does
> nothing to
> assist the cgi.   The machines in this webfarm have multiple small
> "enhancements" that
> take them far away from a stock configuration.
> Its more an issue on entrustment and $ from the folks who pay me to admin
> the farm.
> I do not voluntarily give my time to them and they are conservative about
> allowing
> other executables onto the system.  They are not willing to pay someone else
> to give zope a security audit.  I do not have time to do it nor will I
> lower my integrity
> to claim I have.
After talking with DC and a few others there has been one zope breakin
ever found so far. What happened was at a convention someone sniffed the
password. Other then that there have been no one known zope breakins. The
problem is that how the ACL list works is an object runs with the
permission of the person running it unless you proxy it to a role all the
time. So what often happens is someone breaks into an oject with the role
of anonymous. The role of anonymous is a read only role that everyone has
by default. So in the end you have broken into nothing. You can do nothing
more then you could do before.

ZOPE also allows ACL control on a per function basis in a program. The WF
site doesn't ever write to the filesystem instead everything writes inside
the ZODB. So even in the extremely unlikely even the site is fully
compromised at a global manager level you still can't get to the
filesystem. There are not even capabilities inside zope to write to the
filesystem so this makes it a lot safer also. The ability to write to the
filesystem is reserver for external methods and python products so the
only things that can read or write to the filesystem are object that exist
on the filesystem and make themselves known to zope.

> Would they permit a wf on zope if they were already using/trusting zope?
> Probably.
> They are also monitoring your UI redevelopment effort though. I admit that
> your efforts to convert your own site from wiki to zope are non-trivial.
> The more you spend on it the less my backers
> are interested in going anywhere near it.
> Oh well.  I keep telling them its a second-system-effect.
There are a number of reasons why it is taking a lot longer. The major one
is I have a number of customers sites to work on for my job so when it
comes to a conflict between them the WF site stuff doesn't get done.
Another major issue is that a lot of the complexity is structural. One
example of this is the real time search engine. If any pages is modified
it is immediately searchable and only that single object that changed
reindexes itself. This makes searching more scalable in that you spread
out the reindexing over time and only for the object that needs it.
Another capability is for the page to modify itself depending on the
viewer. This was a requirment from a customer and since this is using the
same system it gets it also. What it allows is if you have netscape 4.x
you can get a netscape 4 optimized page, if you have a WAP device you can
get a XHTML 1.0 basic page etc. There is also the capability to display
the same document in different places in multiple ways through different
graphic layouts.

The issue ends up being is that this is not a transfer from wiki -> zope.
It is a complete redesign of the entire system with many added features.

Bobr I would love to talk with you on irc about this if you have time at
some point.

> On these machines, Port 80 is already busy and it monitors and counts traffic.
> Another port number will have to be used if you
> would have it get (low bandwidth) web traffic.
> several of the machines are slated to be  DNS hosts
> so I am interested in the "ice" direction too.
> If a machine were to run DNS for worldforge it would sit in
> its own chrooted area with only a few executables handy.
> ;# mailto: bobr at dprc.net
> _______________________________________________
> Infra mailing list
> Infra at mail.worldforge.org
> http://mail.worldforge.org/lists/listinfo/infra

More information about the Infra mailing list