[ANN] SkunkWeb 3.0 Released!
drew_csillag at geocities.com
Fri Aug 24 22:13:46 CEST 2001
On Fri, Aug 24, 2001 at 08:46:22PM +0400, Oleg Broytmann wrote:
> On Fri, 24 Aug 2001, Drew Csillag wrote:
> > > > You don't trust the people who build the website for your company?
> > >
> > > Certainly NO! Let us see.
> > >
> > > 1. Some people do malicious things intentionally.
> > If they work for you, they should be fired, and quickly.
> We do it, from time to time. But first you need to catch them by hand.
Well, if that is your situation, then you may want to put bars around their
cubicles as a precautionary measure :).
> > Trying to make something foolproof is an exercise in futitlity as
> > fools are incredibly ingenious.
> ROFL :)))
> Too true, too true...
> > One could argue that Zope's web based content management system offers
> > more holes for the outside cracker to exploit though.
> I have never heared about cracked Zope site.
Well, there was at least one this year (not a cracked site but a
Even if there were no vulnerabilities, there's something about having
a web based content management system on the open net that just gives
me the heebie-jeebies.
> > > 4. And there are different types of sites and users. Think about Geocite.
> > > Do you trust its users? :)
> > Of course not. SkunkWeb was not designed for, nor is it appropriate for
> > hosting in that way.
> That's the point!
Ahhh, no. Hosting your own content is what most people deal with I
believe, not hosting other people's content, otherwise most of the app
servers on the market wouldn't exist because they have a similar trust
model as SkunkWeb, e.g. PHP, ASP, JSP, StoryServer, PSP all effectively
trust the template authors.
After I thought about it a bit, you could host something like Geocities
with SkunkWeb very easily by turning off component evaluation on user
> > > No. Without a class it is not programming at all.
> > Ahem... You are saying that without classes, you aren't programming?
> > So this whole Linux kernel is not *real* programming? I respectfully
> > and emphatically disagree.
> I meant "object publishing"... but let us forget it now.
Ahh, ok. Got it.
> > I guess the main crux of this discussion is:
> > SkunkWeb is best oriented towards sites where the site authors can
> > be trusted not to maliciously mess things up (e.g. where the site
> > authors work for the company that runs the site). Contrapositively,
> > SkunkWeb is not suited to the environment where the site authors may
> > be hostile.
> Well said!
> Programmers don't die, they just GOSUB without RETURN.
Should insert BASIC before "Programmers" :).
BTW: on a totally side thing: can Zope do virtual hosting?
More information about the Python-list