IRC log of #zope for Wednesday, 2015-09-02

« Tuesday, 2015-09-01 Index Thursday, 2015-09-03 »
*** maurits has joined #zope00:25
*** maurits has quit IRC02:23
*** maurits has joined #zope02:23
*** kosh has quit IRC02:33
*** tiwula has quit IRC03:12
*** maurits has quit IRC03:23
*** maurits has joined #zope03:23
*** maurits has quit IRC03:25
*** maurits has joined #zope03:25
*** Pumukel has quit IRC03:58
*** yvl has joined #zope07:08
*** tisto has joined #zope07:51
*** yvl has quit IRC08:31
*** alecm has quit IRC08:31
*** alecm has joined #zope08:38
*** JaRoel|4D has quit IRC09:10
*** kacee has joined #zope09:28
*** raveon has joined #zope09:52
*** giacomos has joined #zope09:54
*** giacomos has quit IRC10:02
*** MrTango has joined #zope10:17
*** kosh has joined #zope10:45
*** JaRoel|4D has joined #zope10:56
*** yvl has joined #zope11:00
*** raveon has left #zope11:15
*** kosh has quit IRC12:55
*** JaRoel|4D has quit IRC13:02
*** kosh has joined #zope13:05
*** fredvd has joined #zope13:07
*** fredvd has quit IRC13:08
*** fredvd has joined #zope13:11
*** maurits has joined #zope13:29
*** fredvd has quit IRC13:44
*** MtEverest has joined #zope13:46
MtEveresthi, question regarding zeo..13:47
MtEverestCan I invoke zeopack on any server running zeo, as it requires only server name and port...13:47
MtEverestI mean it doesn't need any authentication.....13:48
mgedminyes?13:49
*** maurits has joined #zope13:52
MtEverestWhat stops it from someone else running this command who is not authorized to do so....13:53
MtEverestI mean issuing a pack command for any server from my system...13:53
MtEverestin case I don't have any authentication system in place for zeo client and server13:54
mgedminwhy are you worried about packing, specifically?13:54
mgedminif you don't have any auth, then anyone who can connect to zeo can read/write any data in it13:54
MtEverestquestion comes in general for authentication between zeo client and server13:54
mgedminah, ok, packing lets them destroy data13:54
mgedminwhat I do is use unix sockets to talk to zeo -- this lets you protect them with unix filesystem permission so only the zope user account can talk to zeo13:55
mgedminofc this only works when everything's on the same server13:55
MtEverestSo you mean to say that if we have zeo on separate server then authentication is a must13:56
MtEverestIt is not highlighted in documentation anywhere13:56
mgedmindepends!  maybe you have an isolated network13:56
mgedminbut yeah, exposing zeo on the internet is a Bad Idea Don't Do It13:57
MtEverestThanks!!!!13:57
mgedminit's perhaps worth mentioning that pickles are a remote code execution vector13:57
MtEverestSo but the whole purpose of zeo is high availability and load balancing13:58
MtEverestand if that server is not callable from my clients on different servers  or rather with some care then it should be mentioned in examples or documentation13:59
*** benji has joined #zope13:59
mgedminI mostly use zeo to make zope restarts less painful13:59
mgedminbut yeah13:59
MtEverestI am using zeo with pyramid and zodb13:59
mgedminthese days relstorage is popular13:59
mgedminalso gives you high availability/load balancing13:59
mgedminplus postgres gives you auth options14:00
mgedminwait a second14:00
*** MtEverest has quit IRC14:00
mgedminHA/load balancing?  zeo?  no14:00
mgedminah, on the zope side14:00
mgedminyes14:00
*** MtEverest has joined #zope14:02
MtEverestmgedmin: My connection got reset14:02
MtEverestIf you have answered then please answer again....14:03
MtEverestshould I go for relstorage or zeo14:03
mgedminI cannot make this decision for you14:03
*** MtEverest has quit IRC14:06
*** JaRoel|4D has joined #zope14:07
*** MtEverest has joined #zope14:09
MtEverestthanks mgedmin14:22
mgedminbtw http://zope3.pov.lt/irclogs-zope/%23zope.2015-09-02.log.html#t2015-09-02T14:00:3014:22
mgedminsince your connection dropped14:22
mgedminyou probably didn't miss anything important14:23
MtEverestI figured out.. thanks14:24
MtEverestwil evaluate both and then decide14:24
MtEverestactually the problem comes from the fact that being a startup these decisions sometimes consume a lot of time...so I thought experts here will bail me out somewhat14:25
MtEverestright now none of my traffic stats suggest me to load balance14:25
MtEverestbut I thought if I can decide between zeo / relstorage from the beginning it would be great14:26
*** MtEverest has quit IRC14:51
*** Pumukel has joined #zope16:21
*** kosh has quit IRC16:27
*** kosh has joined #zope16:29
*** maurits has quit IRC16:59
*** maurits has joined #zope17:03
*** kacee has quit IRC17:25
*** yvl has quit IRC17:25
*** roq_ has quit IRC18:17
*** roq_ has joined #zope18:30
*** JaRoel|4D has quit IRC18:58
*** JaRoel|4D has joined #zope19:08
*** kosh has quit IRC19:44
*** kosh has joined #zope20:12
*** tisto has quit IRC20:16
*** JaRoel|4D has quit IRC20:34
*** JaRoel|4D has joined #zope20:44
*** maurits has quit IRC21:04
*** JaRoel|4D has quit IRC21:14
*** benji has quit IRC21:15
*** benji has joined #zope21:17
*** JaRoel|4D has joined #zope21:27
*** MrTango has quit IRC21:50
*** MrTango has joined #zope22:00
*** loechel has joined #zope23:24
*** Pumukel has quit IRC23:25
*** loechel is now known as Pumukel23:26
*** MrTango has quit IRC23:39
*** MrTango has joined #zope23:51
« Tuesday, 2015-09-01 Index Thursday, 2015-09-03 »

Generated by irclog2html.py 4.0.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!